Invalid SSL certificate! #61
Description
I try to use nativescript-https for certificate pinning. Unfortunately to no effect. I downloaded the .cer file as a "DER Encoded Binary X.509 (CER)" file and as a "Base64 encoded X.509 (*.cer)" but keep getting the log message "Invalid SSL certificate!".
I use following code:
import { knownFolders, Folder, File } from "tns-core-modules/file-system";
import * as Https from 'nativescript-https'
let dir = knownFolders.currentApp().getFolder('certs');
let certificate = dir.getFile('mydomain.nl.cer').path;
Https.enableSSLPinning({ host: 'mydomain.nl', certificate: certificate });
Https.request({
url: 'https://mysubdomain.mydomain.nl/',
method: 'GET',
timeout: 3
})
.then((response: any) => {
console.log("request response: ", { response });
})
.catch((error) => {
console.log("request error: ", { error });
});
(I tried host 'mysubdomain.mydomain.nl' and '*.mydomain.nl' as well, all to no effect.)
The request runs into the .then() branch with an "Invalid SSL certificate!" message.
So I installed the demo application. Unfortunately the demo give the same results. After [npm run demo.ios] from the [src] directory, I did following:
- press the [Httpbin pinning on] button
- press the [Get Httpbin] button
- press the [Get Httpbin (large response] button
- press the [Get Mockbin] button
All [get] buttons lead to "Invalid SSL certificate!" log messages.
What am I missing or doing wrong?
CONSOLE INFO file:///app/Users/Alex/nativescript/demos/nativescript-https/src/https.ts:40:13: nativescript-https > Disabled SSL pinning by default
CONSOLE LOG file:///app/Users/Alex/nativescript/demos/nativescript-https/src/https.ts:37:14: nativescript-https > Disabled SSL pinning
CONSOLE LOG file:///app/main-page.ts:73:14: disabled
CONSOLE LOG file:///app/Users/Alex/nativescript/demos/nativescript-https/src/https.ts:32:14: nativescript-https > Enabled SSL pinning
CONSOLE LOG file:///app/main-page.ts:61:14: enabled
CONSOLE LOG Https.request response {
"content": {
"body": "",
"description": "nativescript-https > Invalid SSL certificate! Error Domain=NSURLErrorDomain Code=-999 \"cancelled\" UserInfo={NSErrorFailingURLStringKey=https://httpbin.org/get, NSErrorFailingURLKey=https://httpbin.org/get, _NSURLErrorRelatedURLSessionTaskErrorKey=(\n \"LocalDataTask <EA3B40B5-619F-452D-BB3E-66E6EEADD497>.<1>\"\n), _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <EA3B40B5-619F-452D-BB3E-66E6EEADD497>.<1>, NSLocalizedDescription=cancelled}",
"reason": "cancelled",
"url": "https://httpbin.org/get"
},
"headers": {},
"reason": "cancelled"
}
CONSOLE LOG Https.request response {
"content": {
"body": "",
"description": "nativescript-https > Invalid SSL certificate! Error Domain=NSURLErrorDomain Code=-999 \"cancelled\" UserInfo={NSErrorFailingURLStringKey=https://httpbin.org/bytes/100000, NSErrorFailingURLKey=https://httpbin.org/bytes/100000, _NSURLErrorRelatedURLSessionTaskErrorKey=(\n \"LocalDataTask <546B9BA5-8939-4898-8626-D4D813B42A51>.<1>\"\n), _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <546B9BA5-8939-4898-8626-D4D813B42A51>.<1>, NSLocalizedDescription=cancelled}",
"reason": "cancelled",
"url": "https://httpbin.org/bytes/100000"
},
"headers": {},
"reason": "cancelled"
}
CONSOLE LOG Https.request response {
"content": {
"body": "",
"description": "nativescript-https > Invalid SSL certificate! Error Domain=NSURLErrorDomain Code=-999 \"cancelled\" UserInfo={NSErrorFailingURLStringKey=https://mockbin.com/request, NSErrorFailingURLKey=https://mockbin.com/request, _NSURLErrorRelatedURLSessionTaskErrorKey=(\n \"LocalDataTask <437D0F6C-A429-4911-9072-2B88B95D205F>.<1>\"\n), _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <437D0F6C-A429-4911-9072-2B88B95D205F>.<1>, NSLocalizedDescription=cancelled}",
"reason": "cancelled",
"url": "https://mockbin.com/request"
},
"headers": {},
"reason": "cancelled"
}