bug: Capacitor is not correctly initialized when using a dev server with ssl on Android

[Badisi]

Bug Report

Capacitor Version

Latest Dependencies:

  @capacitor/cli: 2.4.2
  @capacitor/core: 2.4.2
  @capacitor/android: 2.4.2
  @capacitor/electron: 2.4.2
  @capacitor/ios: 2.4.2

Installed Dependencies:

  @capacitor/cli 2.4.2
  @capacitor/android 2.4.2
  @capacitor/core 2.4.2
  @capacitor/ios 2.4.2
  @capacitor/electron not installed

[success] Android looking great! 👌
[success] iOS looking great! 👌

Platform(s)

• Android

Current Behavior

1. Run capacitor with livereload and ssl on Android : ionic capacitor run android --livereload --external --ssl
2. Capacitor.isNative is false and Capacitor.platform is web

As a result, plugins are not working and specifically SplashScreen cannot be hidden programmatically when using launchAutoHide: false.

Expected Behavior

Capacitor.isNative should be true and Capacitor.platform should be android

Other Technical Details

npm --version output: 6.14.8

node --version output: v14.10.1

Additional Context

On iOS: everything is working as expected.
On Android: everything is working as expected without ssl

[jcesarmobile]

can you provide a sample app?

--ssl is an experimental flag, it generates a self signed certificate, and Capacitor won't load urls that use untrusted certificates (including self signed certificates)
I'm curious about how your app can load, I just get a white screen and this message on Logcat
Failed to validate the certificate chain, error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

[Badisi]

You are right on that point, I forgot to mention that I had to manually patch my MainActivity.java to make ssl work.

@Override
public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);

    this.init(savedInstanceState, new ArrayList<Class<? extends Plugin>>() {{
        // Additional plugins you've installed go here
        // Ex: add(TotallyAwesomePlugin.class);
    }});

    if (BuildConfig.DEBUG) {
        this.bridge.getWebView().setWebViewClient(new BridgeWebViewClient(this.bridge) {
            @Override
            public void onReceivedSslError(WebView view, final SslErrorHandler handler, SslError error) {
                handler.proceed();
            }
        });
    }
}

The reason why I need ssl to be enable is that our app is making calls to https services and uses getUserMedia api which requires https..

[jcesarmobile]

The problem is Capacitor is not able to inject the required javascript code because of the bad certificate.

You can add this code to ignore the SSL errors on native connections, but remove it before submitting your app, google will probably reject the app if it contains this code.

    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
      public X509Certificate[] getAcceptedIssuers() {
        return null;
      }

      @Override
      public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
        // Not implemented
      }

      @Override
      public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
        // Not implemented
      }
    }};

    try {
      SSLContext sc = SSLContext.getInstance("TLS");

      sc.init(null, trustAllCerts, new java.security.SecureRandom());

      HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
      HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } });
    } catch (KeyManagementException e) {
      e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
      e.printStackTrace();
    }

[ionitron-bot]

Thanks for the issue! This issue is being locked to prevent comments that are not relevant to the original issue. If this is still an issue with the latest version of Capacitor, please create a new issue and ensure the template is fully filled out.