Reputation: 35
Worklight: Canno access the WL server over https where CA certificate is setup
Recently, my Test Worklight server has been configured and secured via https protocol and SSL setup (CA certificate is added).
However, my mobile app cannot connect to the WL server now and get an error. Before, it can connect to the WL server normally with http protocol.
I did some tests (exmaples for Auto Provisioning and Custom Provisioning - module_25_0_CustomDeviceProvisioningCustomProvAppAndroid) based on the Device_Provisioning_concepts.pdf document, but they didn't work on Test env.
I think it should be that some settings were not configured successfully, so that WL server didn't issue the certificate to the mobile app. I am not sure. Any idea?
Information:
- WL servsion: 5.0.6.1, Enterprise Version;
- Not install the App center mobile application firstly, just install MyApp via the web url of App Center;
Hybrid application
[ERROR] [https://serverhost:9443/demo/apps/services/api/AuthDemo/iphone/query] Host is not responsive.
Upvotes: 1
Views: 835
Answers (2)
Reputation: 1225
As Anton said, the certificate is not being trusted by the mobile device. The reason you get a 'Host is not responsive' error is because the SSL handshake failed because the device did not trust the server's certificate, so an HTTPS connection was never created, and it interprets it as if it did not find the server, because the SSL handshake occurs at a lower level than HTTP, and it cannot distinguish between both cases. If you want to see the SSL errors, you will have to use a program like Wireshark or Charles to look at the network traffic.
If you want to use this untrusted CA certificate, you will have to manually import the CA certificate to the device's trusted certificate store so that the device trusts . This varies from platform to platform. For example, on Android and iOS, you can email the certificate to the device (it has to be in .crt format), and then when you open it, the device will let you import the certificate. After manually trusting the certificate, the application should work.
Upvotes: 1
Reputation: 3166
Try to open Worklight console from you device's browser. Most probably it will notify you about invalid certificate (popup and/or icon in the address bar). In case it does - the certificate you've purchased is not trusted by mobile phones. You should ask CA for a certificate trusted by Apple/Google browser.
Upvotes: 1
Related Questions
- Worklight Adapter Mutual SSL
- Worklight 6.2 Developer Server - Self Signed SSL
- Worklight 6. 2 App on Blackberry Z10 cannot connect to WL server error CERT_EXPIRY
- Configuring SSL between Worklight adapters and back-end servers
- Worklight 6.0 application using SSL
- HTTPS Connection to Worklight Server 6.2
- IBM Worklight 6.1 - Runtime: Http request failed: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
- Worklight SSL errors using local Liberty server
- Making web service calls to a HTTPS server from Worklight Adapter - javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
- IBM Worklight 6.0 - Native Android app unable to connect when using HTTPS