B4J Question Webview & Certificate Lets encrypt

Siam

Siam

Active Member
Licensed User
Longtime User
Hello,

i will open an SSL Page witch has a Let's encrypt Certificate but nothing happens

if i load :

webview1.LoadUrl("https://www.siam-net.de") or webview1.LoadUrl("https://smarthome.iokz.de")
nothing happens.. no error... no page .. nothing

if i load
webview1.LoadUrl("https://www.google.de")
it works fine.

is it possible that the webview can't handle the certificate from let's encrypt ?

regards

Andy
 
Sort by date Sort by votes
Erel

Erel

B4X founder
Staff member
Licensed User
Longtime User
You can disable the SSL tests with this code:
B4X: 
Sub AppStart (Form1 As Form, Args() As String)
   MainForm = Form1
   MainForm.SetFormStyle("UNIFIED")
   MainForm.RootPane.LoadLayout("1") 'Load the layout file.
   MainForm.Show
   Dim jo As JavaObject = Me
   jo.RunMethod("disableSSLTest", Null)
   WebView1.Loadurl("https://www.siam-net.de")
End Sub

#if JAVA
import java.net.MalformedURLException;
import java.net.URL;
import java.security.GeneralSecurityException;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public static void disableSSLTest() {

     TrustManager[] trustAllCerts = new TrustManager[] {
         new X509TrustManager() {   
           public java.security.cert.X509Certificate[] getAcceptedIssuers() {
             return null;
           }
           public void checkClientTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
           public void checkServerTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
         }
     };

     // Install the all-trusting trust manager
     try {
       SSLContext sc = SSLContext.getInstance("SSL");
       sc.init(null, trustAllCerts, new java.security.SecureRandom());
       HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
     } catch (GeneralSecurityException e) {
     }
     // Now you can access an https URL without having the certificate in the truststore
     try {
       URL url = new URL("https://hostname/index.html");
     } catch (MalformedURLException e) {
     }
   }
#end if
Based on this answer: http://stackoverflow.com/questions/...not-working-using-a-untrusted-ssl-certificate
 
Upvote 0
M

mik1214324

Member
Licensed User
Erel said:
You can disable the SSL tests with this code:
B4X: 
Sub AppStart (Form1 As Form, Args() As String)
   MainForm = Form1
   MainForm.SetFormStyle("UNIFIED")
   MainForm.RootPane.LoadLayout("1") 'Load the layout file.
   MainForm.Show
   Dim jo As JavaObject = Me
   jo.RunMethod("disableSSLTest", Null)
   WebView1.Loadurl("https://www.siam-net.de")
End Sub

#if JAVA
import java.net.MalformedURLException;
import java.net.URL;
import java.security.GeneralSecurityException;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public static void disableSSLTest() {

     TrustManager[] trustAllCerts = new TrustManager[] {
         new X509TrustManager() {  
           public java.security.cert.X509Certificate[] getAcceptedIssuers() {
             return null;
           }
           public void checkClientTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
           public void checkServerTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
         }
     };

     // Install the all-trusting trust manager
     try {
       SSLContext sc = SSLContext.getInstance("SSL");
       sc.init(null, trustAllCerts, new java.security.SecureRandom());
       HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
     } catch (GeneralSecurityException e) {
     }
     // Now you can access an https URL without having the certificate in the truststore
     try {
       URL url = new URL("https://hostname/index.html");
     } catch (MalformedURLException e) {
     }
   }
#end if
Based on this answer: http://stackoverflow.com/questions/...not-working-using-a-untrusted-ssl-certificate
Click to expand...


Erel, this is good answer and maybe it works on b4a, but it tooks me about hard 5 hours to make it work on b4j) - few lines of code but its was not easy to get it work.
FINALY it works:

B4X: 
Sub AppStart (Form1 As Form, Args() As String)
        Dim jo As JavaObject = Me
        jo.RunMethod("disableSSLTest", Null)
       'now you can open web-sites wich uses self-signed ssl 
       Web.LoadUrl("https://192.168.0.18")
End Sub

#if JAVA
import java.security.GeneralSecurityException;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager;

public static void disableSSLTest() {
     TrustManager[] trustAllCerts = new TrustManager[] {
         new X509TrustManager() {   
           public java.security.cert.X509Certificate[] getAcceptedIssuers() {
             return null;
           }
           public void checkClientTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
           public void checkServerTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
         }
     };

    // Install the all-trusting trust manager
     try {
       SSLContext sc = SSLContext.getInstance("SSL");
       sc.init(null, trustAllCerts, new java.security.SecureRandom());
       HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
     } catch (GeneralSecurityException e) {
     }

      HostnameVerifier allHostsValid = new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
     };

    // Install the all-trusting host verifier
    HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); 
   }
#end if
 
Upvote 0
MichalK73

MichalK73

Well-Known Member
Licensed User
Longtime User
mik1214324 said:
Erel, this is good answer and maybe it works on b4a, but it tooks me about hard 5 hours to make it work on b4j) - few lines of code but its was not easy to get it work.
FINALY it works:

B4X: 
Sub AppStart (Form1 As Form, Args() As String)
        Dim jo As JavaObject = Me
        jo.RunMethod("disableSSLTest", Null)
       'now you can open web-sites wich uses self-signed ssl
       Web.LoadUrl("https://192.168.0.18")
End Sub

#if JAVA
import java.security.GeneralSecurityException;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509TrustManager;

public static void disableSSLTest() {
     TrustManager[] trustAllCerts = new TrustManager[] {
         new X509TrustManager() {  
           public java.security.cert.X509Certificate[] getAcceptedIssuers() {
             return null;
           }
           public void checkClientTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
           public void checkServerTrusted(
               java.security.cert.X509Certificate[] certs, String authType) {
           }
         }
     };

    // Install the all-trusting trust manager
     try {
       SSLContext sc = SSLContext.getInstance("SSL");
       sc.init(null, trustAllCerts, new java.security.SecureRandom());
       HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
     } catch (GeneralSecurityException e) {
     }

      HostnameVerifier allHostsValid = new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
     };

    // Install the all-trusting host verifier
    HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
   }
#end if
Click to expand...


I am working for 2 days on the solution why exoplayer does not play stream from one hosting. Browser shows valid SSL for the link. VLC plays material from link, not exoplayer only. Only the link was uploaded to Postman and I saw that the SSL certificate has no confirmation, but B4X only reports that it cannot connect to the address provided.
I connected your SSL deactivation code out of curiosity if BINGO will work. Thanks a lot.
 
Upvote 0
You must log in or register to reply here.

Similar Threads

Erel
  • Article
B4J Library [server] LetsEncrypt SSL certificates
Replies
12
Views
2K
hatzisn
hatzisn
alwaysbusy
  • Article
B4J Library ABKeystoreSSL: SSL Certificate generator using Let's Encrypt
2
Replies
20
Views
6K
alwaysbusy
alwaysbusy
aeric
  • Article
B4J Tutorial [Server] Using Let's Encrypt on Ubuntu VPS
2
Replies
24
Views
7K
Sandman
Sandman
W
  • Article
B4J Library AutoKeyGenerator: create Jetty compatible certificates using LEt's Encrypt and CloudFlare
Replies
2
Views
2K
MiguelL
MiguelL
DonManfred
  • Article
Android Tutorial [B4X] Manage your own Let´s Encrypt Certificates (ACME Client)
Replies
2
Views
4K
DonManfred
DonManfred
Top