B4J Question Webview & Certificate Lets encrypt

Siam

Active Member
Licensed User
Hello,

i will open an SSL Page witch has a Let's encrypt Certificate but nothing happens

if i load :

webview1.LoadUrl("https://www.siam-net.de") or webview1.LoadUrl("https://smarthome.iokz.de")
nothing happens.. no error... no page .. nothing

if i load
webview1.LoadUrl("https://www.google.de")
it works fine.

is it possible that the webview can't handle the certificate from let's encrypt ?

regards

Andy
 

Erel

Administrator
Staff member
Licensed User
You can disable the SSL tests with this code:
B4X:
Sub AppStart (Form1 As Form, Args() As String)
   MainForm = Form1
   MainForm.SetFormStyle("UNIFIED")
   MainForm.RootPane.LoadLayout("1") 'Load the layout file.
   MainForm.Show
   Dim jo As JavaObject = Me
   jo.RunMethod("disableSSLTest", Null)
   WebView1.Loadurl("https://www.siam-net.de")
End Sub

#if JAVA
import java.net.MalformedURLException;
import java.net.URL;
import java.security.GeneralSecurityException;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public static void disableSSLTest() {

     TrustManager[] trustAllCerts = new TrustManager[] {
         new X509TrustManager() {   
           public java.security.cert.X509Certificate[] getAcceptedIssuers() {
             return null;
           }
           public void checkClientTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
           public void checkServerTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
         }
     };

     // Install the all-trusting trust manager
     try {
       SSLContext sc = SSLContext.getInstance("SSL");
       sc.init(null, trustAllCerts, new java.security.SecureRandom());
       HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
     } catch (GeneralSecurityException e) {
     }
     // Now you can access an https URL without having the certificate in the truststore
     try {
       URL url = new URL("https://hostname/index.html");
     } catch (MalformedURLException e) {
     }
   }
#end if
Based on this answer: http://stackoverflow.com/questions/...not-working-using-a-untrusted-ssl-certificate
 

mik1214324

Member
Licensed User
You can disable the SSL tests with this code:
B4X:
Sub AppStart (Form1 As Form, Args() As String)
   MainForm = Form1
   MainForm.SetFormStyle("UNIFIED")
   MainForm.RootPane.LoadLayout("1") 'Load the layout file.
   MainForm.Show
   Dim jo As JavaObject = Me
   jo.RunMethod("disableSSLTest", Null)
   WebView1.Loadurl("https://www.siam-net.de")
End Sub

#if JAVA
import java.net.MalformedURLException;
import java.net.URL;
import java.security.GeneralSecurityException;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public static void disableSSLTest() {

     TrustManager[] trustAllCerts = new TrustManager[] {
         new X509TrustManager() {  
           public java.security.cert.X509Certificate[] getAcceptedIssuers() {
             return null;
           }
           public void checkClientTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
           public void checkServerTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
         }
     };

     // Install the all-trusting trust manager
     try {
       SSLContext sc = SSLContext.getInstance("SSL");
       sc.init(null, trustAllCerts, new java.security.SecureRandom());
       HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
     } catch (GeneralSecurityException e) {
     }
     // Now you can access an https URL without having the certificate in the truststore
     try {
       URL url = new URL("https://hostname/index.html");
     } catch (MalformedURLException e) {
     }
   }
#end if
Based on this answer: http://stackoverflow.com/questions/...not-working-using-a-untrusted-ssl-certificate

Erel, this is good answer and maybe it works on b4a, but it tooks me about hard 5 hours to make it work on b4j) - few lines of code but its was not easy to get it work.
FINALY it works:

B4X:
Sub AppStart (Form1 As Form, Args() As String)
        Dim jo As JavaObject = Me
        jo.RunMethod("disableSSLTest", Null)
       'now you can open web-sites wich uses self-signed ssl 
       Web.LoadUrl("https://192.168.0.18")
End Sub

#if JAVA
import java.security.GeneralSecurityException;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager;

public static void disableSSLTest() {
     TrustManager[] trustAllCerts = new TrustManager[] {
         new X509TrustManager() {   
           public java.security.cert.X509Certificate[] getAcceptedIssuers() {
             return null;
           }
           public void checkClientTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
           public void checkServerTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
         }
     };

    // Install the all-trusting trust manager
     try {
       SSLContext sc = SSLContext.getInstance("SSL");
       sc.init(null, trustAllCerts, new java.security.SecureRandom());
       HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
     } catch (GeneralSecurityException e) {
     }

      HostnameVerifier allHostsValid = new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
     };

    // Install the all-trusting host verifier
    HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); 
   }
#end if
 
Top