Skip to content

Override always default Android hostname verifier#23

Open
Guatom wants to merge 1 commit into
nativescript-community:masterfrom
Guatom:master
Open

Override always default Android hostname verifier#23
Guatom wants to merge 1 commit into
nativescript-community:masterfrom
Guatom:master

Conversation

@Guatom

@Guatom Guatom commented Feb 6, 2018

Copy link
Copy Markdown

This fixes the following problem:

javax.net.ssl.SSLPeerUnverifiedException: Hostname WWW.XXX.YYY.ZZZ not verified:
... ...
subjectAltNames: [] ; Zone: <root> ; Task: Promise.then ; Value: javax.net.ssl.SSLPeerUnverifiedException: Hostname WWW.XXX.YYY.ZZZ not verified:

A couple of months ago, Android stopped accepting self-signed certificates without SAN value when performing a WS call. I took a look at nativescript-https's code and there's this option validatesDomainName: if false, it uses default Android hostname verification which throws the mentioned error; if true, it uses a custom hostname verifier.

With my proposed change, the custom verifier will always be used, but it will return true if validatesDomainName === false and will use current logic if validatesDomainName === true. This can be returned some lines before, just at the beginning of verify and save some processing, but I think it looks fancier this way. I'll modify the code if needed.

I used this for a development environment and I thought it was useful since I saw some people having the same problem. I think this could be useful for someone else.

Best regards from _travelDevs.

This fixes the following problem:

javax.net.ssl.SSLPeerUnverifiedException: Hostname WWW.XXX.YYY.ZZZ not verified:
                                           ... ...
                                           subjectAltNames: [] ; Zone: <root> ; Task: Promise.then ; Value: javax.net.ssl.SSLPeerUnverifiedException: Hostname WWW.XXX.YYY.ZZZ not verified:

@roblav96 roblav96 left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 🥇 =]

@Guatom

Guatom commented Jun 14, 2018

Copy link
Copy Markdown
Author

Hey @roblav96! Any chance for this to get merged?

Thanks in advance.

@jjonly

jjonly commented Jan 27, 2020

Copy link
Copy Markdown

@Guatom You mentioned, that Android requires a SAN value for self-signed certificates. I can't find any information or documentation for this. Do you by any chance have a source for this info? Thanks in advance!

@Guatom

Guatom commented Aug 13, 2020

Copy link
Copy Markdown
Author

@jjonly sorry my friend! I don't know why I hadn't been notified about this. Do you still need help?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

3 participants