res\/xml\/cordova.xml
\nIf whitelist looks fine, the error is most likely caused by inner implementation of Android System. The Android WebView does not allow by default self-signed SSL certs. When app is debug-signed the SSL error is ignored, but if app is release-signed connection to untrusted services is blocked.<\/li>\n<\/ul>\n
Workaround<\/span><\/h3>\n\u00a0<\/span><\/div>\nYou have to remember that secure connection to service with self-signed certificate is risky and unrecommended. But if you know what you are doing there is some workaround of the security problem. Behavior of method<\/p>\n
CordovaWebViewClient.onReceivedSslErrormust be changed.\r\n<\/pre>\n <\/p>\n
Thus add new class extended CordovaWebViewClient and override \u2018onReceivedSslError\u2019. I strongly suggest to implement custom onReceiveSslError as secure as possible. I know that the problem occours when app try connect to example.domain.com and in spite of self signed certificate the domain is trusted, so only for that case the SslError is ignored.<\/p>\n
public class MyWebViewClient extends CordovaWebViewClient {\r\n\r\n private static final String TAG = MyWebViewClient.class.getName();\r\n private static final String AVAILABLE_SLL_CN\r\n= \"example.domain.com\";\r\n\r\n public MyWebViewClient(DroidGap ctx) {\r\n super(ctx);\r\n }\r\n\r\n @Override\r\n public void onReceivedSslError(WebView view,\r\nSslErrorHandler handler,\r\nandroid.net.http.SslError error) {\r\n\r\nString errorSourceCName = error.getCertificate().\r\ngetIssuedTo().getCName();\r\n\r\n if( AVAILABLE_SLL_CN.equals(errorSourceCName) ) {\r\n Log.i(TAG, \"Detect ssl connection error: \" +\r\nerror.toString() +\r\n\u00e2\u20ac\u017e so the error is ignored\u00e2\u20ac\u009d);\r\n\r\n handler.proceed();\r\n return;\r\n }\r\n\r\n super.onReceivedSslError(view, handler, error);\r\n }\r\n}Next step is forcing yours app to \u00c2 use custom implementation of WebViewClient. public class Start extends DroidGap\r\n{\r\n private static final String TAG = Start.class.getName();\r\n\r\n @Override\r\n public void onCreate(Bundle savedInstanceState)\r\n {\r\n super.onCreate(savedInstanceState);\r\n super.setIntegerProperty(\"splashscreen\", R.drawable.splash);\r\n super.init();\r\n\r\n MyWebViewClient myWebViewClient = new MyWebViewClient(this);\r\n myWebViewClient.setWebView(this.appView);\r\n\r\n this.appView.setWebViewClient(myWebViewClient);\r\n \r\n\/\/ yours code\r\n\r\n }\r\n}<\/pre>\nThat is all ypu have to do if minSdk of yours app is greater or equals 8. In older version of Android there is no class android.net.http.SslErrorSo in class MyCordovaWebViewClient class there are errors because compliator doesn\u00e2\u20ac\u2122t see SslError class. Fortunately Android is(was) open source, so it is easy to find source of the class. There is no inpediments to \u00e2\u20ac\u02dcupgrade\u00e2\u20ac\u2122 app and just add the file to project. I suggest to keep original packages. Thus after all operations the source tree looks like:<\/p>\n
You have to remember that secure connection to service with self-signed certificate is risky and unrecommended. But if you know what you are doing there is some workaround of the security problem. Behavior of method<\/p>\n
CordovaWebViewClient.onReceivedSslErrormust be changed.\r\n<\/pre>\n<\/p>\n
Thus add new class extended CordovaWebViewClient and override \u2018onReceivedSslError\u2019. I strongly suggest to implement custom onReceiveSslError as secure as possible. I know that the problem occours when app try connect to example.domain.com and in spite of self signed certificate the domain is trusted, so only for that case the SslError is ignored.<\/p>\n
public class MyWebViewClient extends CordovaWebViewClient {\r\n\r\n private static final String TAG = MyWebViewClient.class.getName();\r\n private static final String AVAILABLE_SLL_CN\r\n= \"example.domain.com\";\r\n\r\n public MyWebViewClient(DroidGap ctx) {\r\n super(ctx);\r\n }\r\n\r\n @Override\r\n public void onReceivedSslError(WebView view,\r\nSslErrorHandler handler,\r\nandroid.net.http.SslError error) {\r\n\r\nString errorSourceCName = error.getCertificate().\r\ngetIssuedTo().getCName();\r\n\r\n if( AVAILABLE_SLL_CN.equals(errorSourceCName) ) {\r\n Log.i(TAG, \"Detect ssl connection error: \" +\r\nerror.toString() +\r\n\u00e2\u20ac\u017e so the error is ignored\u00e2\u20ac\u009d);\r\n\r\n handler.proceed();\r\n return;\r\n }\r\n\r\n super.onReceivedSslError(view, handler, error);\r\n }\r\n}Next step is forcing yours app to \u00c2 use custom implementation of WebViewClient. public class Start extends DroidGap\r\n{\r\n private static final String TAG = Start.class.getName();\r\n\r\n @Override\r\n public void onCreate(Bundle savedInstanceState)\r\n {\r\n super.onCreate(savedInstanceState);\r\n super.setIntegerProperty(\"splashscreen\", R.drawable.splash);\r\n super.init();\r\n\r\n MyWebViewClient myWebViewClient = new MyWebViewClient(this);\r\n myWebViewClient.setWebView(this.appView);\r\n\r\n this.appView.setWebViewClient(myWebViewClient);\r\n \r\n\/\/ yours code\r\n\r\n }\r\n}<\/pre>\nThat is all ypu have to do if minSdk of yours app is greater or equals 8. In older version of Android there is no class android.net.http.SslErrorSo in class MyCordovaWebViewClient class there are errors because compliator doesn\u00e2\u20ac\u2122t see SslError class. Fortunately Android is(was) open source, so it is easy to find source of the class. There is no inpediments to \u00e2\u20ac\u02dcupgrade\u00e2\u20ac\u2122 app and just add the file to project. I suggest to keep original packages. Thus after all operations the source tree looks like:<\/p>\n
![](\"http:\/\/2.bp.blogspot.com\/-Bk9U3BxOkkw\/UaW4xvBt2fI\/AAAAAAAAAME\/yLSMVUqtYIU\/s1600\/sslAndroidSourceTree.png\")
<\/a><\/td>\n<\/tr>\n