What if: Android distrusts your server’s SSL certificate

Flat SSL Pulling out your hair is the least that you’d imagine yourself doing when working on a #crossplatform #phonegap solution. But chances are that it WILL happen when your desktop browser and #ios clients both work fine on your mobile API but the #android variant keeps complaining on how it cannot reach the backend.

In my case, after quite some puzzling, it seemed that the https part of the api URL was causing the issue. So here comes tip #1 for you: if you want to check if your android device will handshake with your API like there’s no tomorrow (and without any errors) open up the Android browser and visit the url on which your API is hosted.

Visiting the API’s url in the browser immediately showed an error on how the certificate wasn’t signed by a trusted authority.
Googling around led me to this StackOverflow answer that proved to be the origin of this SSL hell; the intermediate certificate was missing so the Android app couldn’t be shure that the server was to be trusted!

In that same answer this link is provided that will help any admin setup the correct certificate configuration. If you want some more intel on the background of this issue, this link shows some detailed steps and background info on how to include the intermediate certificate so it will be passed along from the server.

No go and provide valid certificates so that monstrous android app of yours can eat all those certificates like cookies! Numm numm!android_monster