Tag: cordova

How to use SSL pinning with cordova-plugin-advanced-http ?

Introduction

It’s little bit complex task for the new programmers to use SSL pinning with cordova-plugin-advanced-http plugin. Plugin installation and usage is not so complex, but most of the people have no idea about how to obtain the .cer file for SSL pinning purpose.

I have already published a blog post about how to generate the .cer file, You may just read this blog post first.

In my project i just want to use an HTTPs based url from my ionic application, My client told me its very important for him because we are transferring some sensitive data through this API.

Firstly, I just installed the cordova-plugin-advanced-http plugin and its npm module in our ionic project and then i search on google to find how to generate .cer file. Most of the results just showing some results about how to convert a .pem file to .crt file and actually not solving my issues.

Example ionic application

I have created a git repository to share my sample application

Git URL https://github.com/sijovijayan/SSL-pinning-with-ionic-cordova-example

Or

Download

SSL Pinning may not work properly with Live Reload mode

Thanks

 

How to integrate SSL in ionic 3 using cordova plugin

Introduction

It was a little bit hard task for me to integrate SSL in my Ionic 3 app using Cordova due to my lack of knowledge in SSL certificates. As usual i just landed in the HTTP native plugin section under ionic frameworks documentation section. It was not so helpful for me, because neither  this page or its official github page not explaining how to generate the .cer file for SSL pinning, finally i found the solution by reading lots of Stackoverflow answers and other articles.

Procedure

Install the plugin as per the instruction on the documentation section

How to get the .cer file ?

I’m assuming that you need to make https requests to a single domain only

Method 1

It works only if you had chrome browser on a windows machine with no active antivirus software ( In my case kaspersky using a personal root certificate – that mask the actual SSL certificate keyfile from the user  )

In this case, we can generate .cer file from your chrome browser on windows machine. Just access one of your public api url via chrome browser address bar and then click on the green padlock icon of your https url. then you can export the ssl public key as a .cer file

Watch this video to get clear understanding

 

Method 2 ( recommended one )

If you have a Linux or Mac machine or use you Linux server terminal – If your machine must have an installation of openssl.

Use the following linux command to obtain the .cer file

openssl s_client -showcerts -connect <domain name>:443 -servername <domain name>:443 </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > certificate.pem

Convert .pem file into .cer file

openssl x509 -inform PEM -in certificate.pem -outform DER -out certificate.cer

Download the certificate.cer file to your local machine and then include a copy on your ionic/cordova project root directory

You must call enableSSLPinning or setSSLCertMode method on your components.ts file based on the version of the installed plugin

That’s all!