PhoneGap Ajax call to HTTPS server with self-signed certificate fails

Question

I am relatively new to phonegap and I have recently set up HTTPS/SSL on my windows apache server with a self signed certificate and am trying to make an HTTPS ajax post request. The request works fine when ran in a browser but fails when run within phonegap. I tried setting android:debuggable to false but that did not fix the issue. I have also done some research and it appears that phonegap does support HTTPS ajax requests so I am confused as to why the request is failing.

Does anyone know why this could be?

Answer 1

This is a quote from Joe Bowser who wrote the code to allow self signed certs on PhoneGap Android:

1. If you are doing development: android:debuggable="true" in the manifest, you should allow the browser to request data from servers with a self-signed or bad SSL cert
2. If you are releasing an application, you should remove the android:debuggable="true" (Android Market won't let you release with this on anyway) and you will NOT be able to send data to a server with a bad SSL cert
3. If you don't have this flag set, the default will be what the default is now, which is that you won't be able to send data to servers with a self-signed cert

So it seems like you should be able to do what you want by setting android:debuggable="true". If that isn't working for you we'll need to get a reproduction scenario from you, the version of PhoneGap and the version of Android you are using.

Probably best to raise a bug in Jira for us:

https://issues.apache.org/jira/browse/CB#selectedTab=com.atlassian.jira.plugin.system.project%3Aissues-panel

Answer 2

I spent hours on this issue until I found that there is a quick and dirty fix possible. It involves overriding CordovaWebViewClient to ignore certificate errors.