Self-signed certificates in iOS apps
How to register self-signed certificates on your iPhone/iPad to use them in Cordova hybrid apps
--
Apps should communicate securely via SSL with their backend. Self-signed certificates are an inexpensive option to use SSL communication also in development environments.
By default, iOS will block all communication attempts of a Cordova app with a self-signed certificate. You will see an error message along those lines:
[Error] WebSocket network error: The operation couldn’t be completed. (OSStatus error -9807.)The error code 9807 points to an invalid certificate chain because your self-signed certificate wasn’t based on one of iOS’s trusted root certificates (like Comodo or GoDaddy).
So how to make iOS accept your self-signed certificate?
First, email your root certificate (e.g. fake-root-cert.pem) to yourself. Next, open the email on your phone, and click the attachment. This will open the iOS Setting up and offer you to install the certificate as a Profile.
Second, instruct iOS to fully trust the installed root certificate. For this, open again the iOS Settings app. Then navigate to “General” > “About” > “Certificate Trust Settings”. In the section “Enable Full Trust for Root Certificates”, enable your root certificate.
With this, your app can connect now with the self-signed certificate to the backend.
Happy coding!
