HTTPS request using invalid certificate in Blackberry tablet

Report · Dec 23, 2010

Hi,

I've developed a test flex application to run in the blackberry's tablet simulator, that requests data from a HTTPS service.

When I test it against a server that uses a valid certificate, it works just fine. But using a self signed, invalid certificate, it throws a ioError (#2032).

I've found someone here: http://forums.adobe.com/thread/680181?tstart=0 that sees another behaviour in other platform (desktop I suppose): the request succeeds, but shows a warning message. So, the fact it doesn't work at all seems to be specific of the blackberry tablet platform.

The test application currently uses mx.rpc.http.HTTPService, but I've also made tests with URLLoader (without success).

Does anyone know a workaround for this?

Thank you very much!

Report · Sep 26, 2011

I can confirm that this is still an issue with the air for mobile runtime, I can duplicate it both in IOS and in Android. Basically I can't make HTTPS requests to servers that have self-signed / invalid certificates, the request times out in Android or returns IOError #2032 in IOS. The requests do work when running my app from the Flash Builder device emulators though. Anyone have any ideas on a work around?

Report · Sep 27, 2011

I can reproduce the issue with an invalid certificate, but I am able to work with a valid self-signed certificate without any problem. I just added the certificate in the device first (easy to do on any platform) and then I can use my app without any problem. I tried on iOS, android and Playbook.

Report · Mar 20, 2013

Rangora, how did you add the certificate to the device? I'm developing an app for iOS and facing the same problem, but IDK how to add the self-signed certificate to the app and to make the app recognize it. You've added it while developing (maybe to the app repository before exporting it as an APK or, in this case, .IPA) or do you request the app to download it before every single URLLoader request?

Thanks for the help.

Report · Mar 20, 2013

Sadly I probably won't be able to help you a lot. We were using a self-signed certificate for the development process only so we installed the certificate directly in the devices (we sent it to the tablet by email and installed it). It wasn't a problem in our case since we had a valid certificate for the production environment.

Adobe Community

HTTPS request using invalid certificate in Blackberry tablet