Bypass “The certificate for this server is invalid” issue on Ionic 5. Works with WKWebview — Solution April 2021
Lately, i was provided with API endpoints with a self signed certificate. This was being used in development environment. Every time i use these endpoints i get this error
The certificate for this server is invalid. You might be connecting to a server that is pretending to be “examplesite.com” which could put your confidential information at risk.
Solution:
- (void)webView:(WKWebView *)webView didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler {
NSLog(@"Allowing all");
SecTrustRef serverTrust = challenge.protectionSpace.serverTrust;
CFDataRef exceptions = SecTrustCopyExceptions (serverTrust);
SecTrustSetExceptions (serverTrust, exceptions);
CFRelease (exceptions);
completionHandler (NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:serverTrust]);
}
Add the above code to
platforms ▸ ios ▸ youAppName ▸ Plugins ▸ cordova-plugin-ionic-webview ▸ CDVWKWebViewEngine.m
I was fairly new to native code, so i did mistakes in pasting the code. what worked for me was pasting it after @implementation CDVWKWebViewEngine
And then, add this in info.plist
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
If you are not finding info.plist, add in your config.xml file inside <platform name="ios">
<config-file file="*-Info.plist" mode="merge" target="NSAppTransportSecurity"><dict><key>NSAllowsArbitraryLoads</key><false /></dict></config-file>
And dont forget to rebuild.