J'essaye d'implémenter l'épinglage de SSL en utilisant le plugin de Cordova pour l'androïde et j'obtiens une erreur 500: Échec de poignée de main de SSL. Je courais l'application sur Android N.L'épinglage SSL à l'aide du plugin cordova ne fonctionne pas. J'obtiens la poignée de main de SSL échouée, code d'erreur 500
J'ai essayé ci-dessous les plugins: https://github.com/yyfearth/cordova-plugin-http
https://github.com/wymsee/cordova-HTTP
Pour mon exemple de code, je suis épingler les certs facebook. J'ai essayé d'épingler CA cert (Avast) ainsi que leaf cert (facebook).
Ci-dessous mon code:
var app = {
// Application Constructor
initialize: function() {
document.addEventListener('deviceready', this.onDeviceReady.bind(this), false);
},
// deviceready Event Handler
//
// Bind any cordova events here. Common events are:
// 'pause', 'resume', etc.
onDeviceReady: function() {
this.receivedEvent('deviceready');
cordovaHTTP.enableSSLPinning(
true,
function (msg) {alert("SSL pinning enabled")},
function (msg) {alert("SSL pinning can't be enabled " + msg)}
);
CordovaHttpPlugin.addPinningCerts(
['MIIEXDCCA0SgAwIBAgIBATANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJDWjEP\n' +
'MA0GA1UECAwGUHJhZ3VlMQ4wDAYDVQQKDAVBVkFTVDEdMBsGA1UECwwUU29mdHdh\n' +
'cmUgRGV2ZWxvcG1lbnQxGTAXBgNVBAMMEEF2YXN0IHRydXN0ZWQgQ0EwHhcNMTYx\n' +
'MjA5MDAwMDAwWhcNMTgwMTI1MTIwMDAwWjBpMQswCQYDVQQGEwJVUzETMBEGA1UE\n' +
'CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEXMBUGA1UEChMORmFj\n' +
'ZWJvb2ssIEluYy4xFzAVBgNVBAMMDiouZmFjZWJvb2suY29tMIIBIjANBgkqhkiG\n' +
'9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEjiWVGgjCgy6GjTUTZJAFgPJ5ybGKVvCzG7\n' +
'yDKB2A2gLhFD3oEwiikVI2glBcSoPq6Yy2sOpZJWb2uchDVydjqy/6UrwL9vjZ4v\n' +
'AicRsI0A+ftVpyQZhCb2r50OnI6Fy8rpYQc0B8DP2XEq8RE3nrG7cFt80e+vygNv\n' +
'+FvV/8QwAAZlDNMCiCUEMtQ3ZHh8XybVIhVVYefrPY7GLec7UbbgP0coaJE9utVI\n' +
'ZxLIOzD+3dpCL0+/f6H2BkQLeVi5qB3+fyVsHqkHDKHnjG18nrJUR9xcNFNO9Onh\n' +
'ZK/JwT3kyECnd7mv7wE5JG9o3nsMapic+OkLWUTUNZYRzeyj3QIDAQABo4IBDjCC\n' +
'AQowHQYDVR0OBBYEFJ8vur6MoceTetprJx2P+OTfMgh2MB8GA1UdIwQYMBaAFEE4\n' +
'wE3WMlzLKyRJ94n3/3fKbXcfMIHHBgNVHREEgb8wgbyCDiouZmFjZWJvb2suY29t\n' +
'gg4qLmZhY2Vib29rLm5ldIIIKi5mYi5jb22CCyouZmJjZG4ubmV0ggsqLmZic2J4\n' +
'LmNvbYIQKi5tLmZhY2Vib29rLmNvbYIPKi5tZXNzZW5nZXIuY29tgg4qLnh4LmZi\n' +
'Y2RuLm5ldIIOKi54eS5mYmNkbi5uZXSCDioueHouZmJjZG4ubmV0ggxmYWNlYm9v\n' +
'ay5jb22CBmZiLmNvbYINbWVzc2VuZ2VyLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEA\n' +
'POrSZ9dMpwQHRO78VfBjDLeoGKYk2EdnTyxFIzZXPaLzMA5+X97eektopJgRWWIG\n' +
'aVn1fsHgwNl7DqdG13mHN6w9ziMon5TlXyz0NZn9jKEtdiw0VZG6f2ccn9HOBUqK\n' +
'5EDeWKXS4XwvrckPLC61nGsUIBGa+OBIh4tQNOgLzp3sY4DzWcyV2X1CFsDtLcPT\n' +
'WWXLOY8JhkFFNkTpLHbbVYFiUUoJ49C+MTt3+0ciwQr4/Tm250ksfpgL+O5u5aB7\n' +
'hngx78ACuL9qjT682tHgw7+Y4oe9cTAs93tf5Bnp0jdjkOomJFS5YgNHTEjD9rA3\n' +
'2d9j7kz7MY2lD5/lEsfCsg==\n']
function(msg) {alert("OK, Added pinned certs success!")},
function(msg) {alert("ERROR, adding pinned certs denied " + JSON.stringify(msg))}
);
cordovaHTTP.validateDomainName(true,
function(msg) {alert("OK, Domain Name validate")},
function(msg) {alert("ERROR, Domain Name not validate " + JSON.stringify(msg))}
);
window.cordovaHTTP.get(
"https://www.facebook.com/", //https://www.facebook.com", // we have a .cer file for this in www/certificates also in assets/certificates
{}, // optional params
{}, // optional headers
function(msg) {alert("OK, Connection allowed")},
function(msg) {alert("ERROR, Connection denied " + JSON.stringify(msg))}
);
},
// Update DOM on a Received Event
receivedEvent: function(id) {
var parentElement = document.getElementById(id);
var listeningElement = parentElement.querySelector('.listening');
var receivedElement = parentElement.querySelector('.received');
listeningElement.setAttribute('style', 'display:none;');
receivedElement.setAttribute('style', 'display:block;');
console.log('Received Event: ' + id);
}
};
app.initialize();
Toute idée sur la façon de résoudre ce problème?
J'ai aussi essayé ci-dessous plugins mais sans succès http://plugins.telerik.com/cordova/plugin/secure-http https://github.com/AppSecurityApi/com-intel-security-cordova -brancher –