{ "id": "154185", "key": "AC-954", "fields": { "issuetype": { "id": "1", "description": "A problem which impairs or prevents the functions of the product.", "name": "Bug", "subtask": false }, "project": { "id": "12217", "key": "AC", "name": "Appcelerator - INBOX", "projectCategory": { "id": "10000", "description": "", "name": "Customer Service" } }, "resolution": { "id": "11", "description": "Is not a bug in our product", "name": "Not Our Bug" }, "resolutiondate": "2016-01-12T06:04:21.000+0000", "created": "2016-01-08T15:07:01.000+0000", "labels": [], "versions": [], "issuelinks": [], "assignee": { "name": "rtlechuga", "key": "rtlechuga", "displayName": "Radamantis Torres-Lechuga", "active": false, "timeZone": "Asia/Dubai" }, "updated": "2016-03-08T07:37:16.000+0000", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "components": [], "description": "Hi,\r\nwe have a service with SSL certificate installed using SHA-256 algorithm and titanium showing the following error message:\r\nThe certificate for this server is invalid. You may be connected to a\r\nserver that pretends \"xxx.xxx.net\" to be, and your confidential\r\ninformation at risk.\r\n\r\ndoes titanium can validate SSL certificates that use SHA-256 algorithm?", "attachment": [], "flagged": false, "summary": "Does validatesSecureCertificate \"true\" can validate SSLCertificate of a service which use SHA-256 algorithm?", "creator": { "name": "vvalluru", "key": "vvalluru", "displayName": "Venkata", "active": true, "timeZone": "America/Los_Angeles" }, "subtasks": [], "reporter": { "name": "vvalluru", "key": "vvalluru", "displayName": "Venkata", "active": true, "timeZone": "America/Los_Angeles" }, "environment": null, "comment": { "comments": [ { "id": "374095", "author": { "name": "vvalluru", "key": "vvalluru", "displayName": "Venkata", "active": true, "timeZone": "America/Los_Angeles" }, "body": "triggering the service using Ti.Network.createHTTPClient", "updateAuthor": { "name": "vvalluru", "key": "vvalluru", "displayName": "Venkata", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-01-08T15:07:52.000+0000", "updated": "2016-01-08T15:07:52.000+0000" }, { "id": "374135", "author": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "body": "Hello [~vvalluru], Please provide some sample code and steps to follow so we can regenerate the issue. According to the link [herehttp://docs.appcelerator.com/platform/latest/#!/guide/SSL_Certificate_Store_Support_for_HTTP_Clients] Since Release 3.3.0, the mechanisms described in this document to support SSL Certificate Stores for HTTP Clients are no longer supported. You should instead use the HTTPClient's securityManager property to implement support for SSL Certificate Stores.\r\n\r\nThe Android-specific Titanium.Network.HTTPClient addKeyManager and addTrustManager methods are deprecated and removed in Release 3.4.0.\r\n\r\nThe iOS-specific Titanium.Network.HTTPClient clientCertificateIdentity and clientCertificates properties are no longer supported.\r\n\r\nThere are similar [community entry|https://developer.appcelerator.com/question/120117/webview-ssl-certificate-error---no-way-to-accept-expired-server-certificate---ipad-app] on the issue. Reply with Sample code and steps to follow. Thanks.\r\n\r\n ", "updateAuthor": { "name": "sdarda", "key": "sdarda", "displayName": "Sharif AbuDarda", "active": false, "timeZone": "Asia/Dhaka" }, "created": "2016-01-10T10:46:55.000+0000", "updated": "2016-01-10T10:46:55.000+0000" }, { "id": "374167", "author": { "name": "vvalluru", "key": "vvalluru", "displayName": "Venkata", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Hi,\r\nwe not using webview. we are using a rest api to retrieve a simple JSON from a system. we have validatesSecureCertificate to true for every request that's being made from the app. it was working when the SSL certificate was with SHA-1 algorithm and recently the endpoint api renewed their certificate to SHA256 from that moment we are recieveing the mentioned error. for your reference here is the endpoint i am using: https://stg-adidas.crplatform.net\r\n\r\nif i try to look up SSL details using the following link, i recieve a error as mentioned below:\r\nhttps://www.sslshopper.com/ssl-checker.html?hostname=https%3A%2F%2Fstg-adidas.crplatform.net\r\n \t\r\n*_The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following GoDaddy's Certificate Installation Instructions for your server platform. Pay attention to the parts about Intermediate certificates.\r\n_*\r\n\r\nalso we are not using any keystore or intermediate certificate to validate using securityManager api. just default validation with validatesSecureCertificate to true.\r\n", "updateAuthor": { "name": "vvalluru", "key": "vvalluru", "displayName": "Venkata", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-01-11T09:21:46.000+0000", "updated": "2016-01-11T09:21:46.000+0000" }, { "id": "374171", "author": { "name": "vvalluru", "key": "vvalluru", "displayName": "Venkata", "active": true, "timeZone": "America/Los_Angeles" }, "body": "sorry to bother you on it. this was a issue from our api endpoint. they resolved it.", "updateAuthor": { "name": "vvalluru", "key": "vvalluru", "displayName": "Venkata", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2016-01-11T09:56:11.000+0000", "updated": "2016-01-11T09:56:11.000+0000" } ], "maxResults": 4, "total": 4, "startAt": 0 } } }