How to accept a self-signed certificate, using Cordova

I would like the self-signed certificate on my development machine server to be accepted by my IOS app.
Obviously I don’t want to buy a certificate for a development machine.

There are some solutions out there, but the only one that looks easy and reliable to enact is a cordova plug-in called cordova-certificate-plugin.

The Readme blurb promises the following, which would be great:

cordova Plugin to configure SSL Certificates, currently used to enable usage of untrusted aka self-signed SSL certifcates

I have a file in imports/startup/client with the following code:

import { Meteor } from 'meteor/meteor';

console.log('just before startup for trust certificates');

Meteor.startup(() => {
    console.log('cordova.plugins.certificates', cordova.plugins.certificates);

Unfortunately this does not work, I’m not even seeing either of the _console.log_s in a Safari debug.
Has anybody used this plugin who can put me on the right track please?


Is your dev server hosted somewhere? In this case, I’d recommend letsencrypt. It’s free and a real certificate.

1 Like

Thanks for the reminder @waldgeist .

I saw it, but due to the 90 days limit, I thought I’d try other possibilities.
However, given the blanks I’ve drawn, I think you may be right.

I had a startssl certificate which was free and worked very well, but they are no long accepted by anyone. So letsencrypt would be a good replacement.
(My dev server is on a docker-machine on my mac).

Letsencrypt is excellent. They also provide a script that automatically updates your certificate.

Just discovered why the plugin doesn’t work. There is an issue that’s been open for 6 months

WKWebview does not use NSURLProtocol under the hood so the current approach to allow self-signed certificates does not work.

I can’t use Letsencrypt in the usual automatic way. I use Cloudflare and there’s no support and anyway I don’t want the certificate to be installed on a production machine. Incidentally I use the CloudFlare free certificates for production and they work very well.
However I do have control of a root domain, so I will create a subdomain and do a LetsEncrypt manual install. It should work.
P.S. In fact the manual install went very well.