breautek commented on issue #786: URL: https://github.com/apache/cordova-plugin-inappbrowser/issues/786#issuecomment-695010602
> Hi faugusztin, thanks for answer! The problem is, I don't have access to this server. It's a 3rd party website in which we getting stock market data from. Is there any way to fix this without doing what you suggested? You could maybe proxy the connection so the android app hits your server, which in turn connects/redirects the connection to cei.b3.com on the behalf of the android client. This should work if your server has those common chain certificates like faugusztin mentioned, but it's possible that it doesn't and it's not available. If it's not available, then there is no **secure** way to fix this, without getting the system administrators of that server involved. I'll admit the proxy idea is not really ideal... My personal opinion is to find another source for the market share data, or find a way to get in touch with their system adminstrator to see if they can correct their server configuration. > Do you know why it works width default Chrome browser on Android device, but doens't with InappBrowswer? Android docs does a good job describing some of the differences: https://developer.android.com/training/articles/security-ssl#MissingCa The most interesting note: > What is interesting to note here is that visiting this server in most desktop browsers does not cause an error like a completely unknown CA or self-signed server certificate would cause. This is because most desktop browsers cache trusted intermediate CAs over time. Once a browser has visited and learned about an intermediate CA from one site, it won't need to have the intermediate CA included in the certificate chain the next time. This means if on the browser, if visited a website that uses the same CA, and sends the complete chain, websites with the same CA that doesn't send the complete chain will still work because the intermediate is cached and reused across multiple websites using the same certificate authority. The android webviews however does not do this. Since this issue is not related to Cordova, I'll be closing this issue. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
