Titanium JIRA Archive
Appcelerator Community (AC)

[AC-954] Does validatesSecureCertificate "true" can validate SSLCertificate of a service which use SHA-256 algorithm?

GitHub Issuen/a
TypeBug
Priorityn/a
StatusClosed
ResolutionNot Our Bug
Resolution Date2016-01-12T06:04:21.000+0000
Affected Version/sn/a
Fix Version/sn/a
Componentsn/a
Labelsn/a
ReporterVenkata
AssigneeRadamantis Torres-Lechuga
Created2016-01-08T15:07:01.000+0000
Updated2016-03-08T07:37:16.000+0000

Description

Hi, we have a service with SSL certificate installed using SHA-256 algorithm and titanium showing the following error message: The certificate for this server is invalid. You may be connected to a server that pretends "xxx.xxx.net" to be, and your confidential information at risk. does titanium can validate SSL certificates that use SHA-256 algorithm?

Comments

  1. Venkata 2016-01-08

    triggering the service using Ti.Network.createHTTPClient
  2. Sharif AbuDarda 2016-01-10

    Hello [~vvalluru], Please provide some sample code and steps to follow so we can regenerate the issue. According to the link [herehttp://docs.appcelerator.com/platform/latest/#!/guide/SSL_Certificate_Store_Support_for_HTTP_Clients] Since Release 3.3.0, the mechanisms described in this document to support SSL Certificate Stores for HTTP Clients are no longer supported. You should instead use the HTTPClient's securityManager property to implement support for SSL Certificate Stores. The Android-specific Titanium.Network.HTTPClient addKeyManager and addTrustManager methods are deprecated and removed in Release 3.4.0. The iOS-specific Titanium.Network.HTTPClient clientCertificateIdentity and clientCertificates properties are no longer supported. There are similar [community entry](https://developer.appcelerator.com/question/120117/webview-ssl-certificate-error---no-way-to-accept-expired-server-certificate---ipad-app) on the issue. Reply with Sample code and steps to follow. Thanks.
  3. Venkata 2016-01-11

    Hi, we not using webview. we are using a rest api to retrieve a simple JSON from a system. we have validatesSecureCertificate to true for every request that's being made from the app. it was working when the SSL certificate was with SHA-1 algorithm and recently the endpoint api renewed their certificate to SHA256 from that moment we are recieveing the mentioned error. for your reference here is the endpoint i am using: https://stg-adidas.crplatform.net if i try to look up SSL details using the following link, i recieve a error as mentioned below: https://www.sslshopper.com/ssl-checker.html?hostname=https%3A%2F%2Fstg-adidas.crplatform.net *_The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following GoDaddy's Certificate Installation Instructions for your server platform. Pay attention to the parts about Intermediate certificates. _* also we are not using any keystore or intermediate certificate to validate using securityManager api. just default validation with validatesSecureCertificate to true.
  4. Venkata 2016-01-11

    sorry to bother you on it. this was a issue from our api endpoint. they resolved it.

JSON Source