12

I'm currently working w/ react native on Android. I am making api requests using fetch() but the requests give me a network request failure, which is due to the endpoint having no ssl certificate. I was able to remove this check on iOS by modifying some xcode files. Is there a way to ignore ssl certificate checks on Android?

Improve this question
0

3 Answers 3

Reset to default
2 
/**
 * Disables the SSL certificate checking for new instances of {@link HttpsURLConnection} This has been created to
 * aid testing on a local box, not for use on production.
 */
private static void disableSSLCertificateChecking() {
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        @Override
        public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
            // Not implemented
        }

        @Override
        public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
            // Not implemented
        }
    } };

    try {
        SSLContext sc = SSLContext.getInstance("TLS");

        sc.init(null, trustAllCerts, new java.security.SecureRandom());

        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
    } catch (KeyManagementException e) {
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
}

Found this here: https://gist.github.com/aembleton/889392. Not too sure if it works but its a start!

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Hi witch document should I paste it?
1

I am also facing the same issue. I have used library rn-fetch-blob. and paste the below code in index.js.

import {AppRegistry} from 'react-native';
import App from './App';
import {name as appName} from './app.json';
import RNFetchBlob from 'rn-fetch-blob';

AppRegistry.registerComponent(appName, () => App);
const Fetch = RNFetchBlob.polyfill.Fetch
// replace built-in fetch
window.fetch = new Fetch({
     // enable this option so that the response data conversion handled automatically
     auto : true,
    // when receiving response data, the module will match its Content-Type header
   // with strings in this array. If it contains any one of string in this array, 
  // the response body will be considered as binary data and the data will be stored
  // in file system instead of in memory.
  // By default, it only store response data to file system when Content-Type 
  // contains string `application/octet`.
  binaryContentTypes : [
    'image/',
    'video/',
    'audio/',
    'foo/',
 ],
 trusty : true
}).build()

If still, you are facing the issue with SSL Handshake in Android then try to use below solution. and called the below function from onCreate() in MainApplication.java:-

 import android.annotation.SuppressLint;
 import java.security.SecureRandom;
 import java.security.cert.X509Certificate;

 import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;

 public class MainApplication extends Application implements ReactApplication {
    @Override
    public void onCreate() {
         super.onCreate();
         handleSSLHandshake();
         SoLoader.init(this, /* native exopackage */ false);
         initializeFlipper(this); // Remove this line if you don't want Flipper enabled
    }

    /**
    * Enables https connections
    */
   @SuppressLint("TrulyRandom")
    public static void handleSSLHandshake() {
        try {
            TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
               public X509Certificate[] getAcceptedIssuers() {
                  return new X509Certificate[0];
               }

              @Override
              public void checkClientTrusted(X509Certificate[] certs, String authType) {
              }

               @Override
               public void checkServerTrusted(X509Certificate[] certs, String authType) {
               }
           }};

           SSLContext sc = SSLContext.getInstance("SSL");
           sc.init(null, trustAllCerts, new SecureRandom());


     HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
          HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
               @Override
               public boolean verify(String arg0, SSLSession arg1) {
                  return true;
              }
           });
      } catch (Exception ignored) {
      }
    } 
 }
Improve this answer

3 Comments

letsencrypt started issuing free certificates in 2014. Instead of making valid SSL certificate for development setup you guys are crippling the security of your app and making bad code snippets which gets used(copy/pasted) by thousands of junior developers. Are you sure you fix the problem properly? Should not you make valid ssl cert for your development server instead of breaking the app?
yes @MaximSagaydachny need to make a valid SSL certificate for development but I am working on the frontend so to fix this issue I used above solution. I don't know the reason why backend folks not using the valid SSL certificate.
This solution worked for me. Working with React-native version 0.62
0

NOTE: this is dirty solution

you can patch webview package

go to node_modules/android/src/main/java/com/reactnativecommunity/webview/RNCWebViewManager.java

in onReceivedSslError change handler.cancel() to handler.proceed(); like this

@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
   // before: handler.cancel();
  handler.proceed();
}

if you want to do patch-package then you can use this patch-package library

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.