Add root CA to app for HTTPS requests

#1

Hi.

I have need for making HTTPS requests to a server but I somehow need to add a root CA (certificate) to the application so that it can accept the response from the server. I believe the iOS push notifications works in a similar way, if I remember correctly.

I have been struggling with detaching only for this but I have some hope that there is a smart solution so that I don’t have to learn XCode and Objective-C.

Does anyone know if this is possible with Expo somehow?

Thanks a lot in advance!
Pontus

0 Likes

#2

This is not an issue with Expo but the way security works on mobile devices. I believe you have a self-signed certificate on the HTTPS server, and you want to request to it. Since the cert is not verified, unless you can add your certificate to mobile devices / simulators manually, you won’t be able to request to server using HTTPS. You can add the certificates and pass the security checks in native code, but it is not the correct solution.

I suggest you get a verified certificate to use, for example from https://letsencrypt.org/

iOS push notifications is entirely different, and the certificates related to it are verified/signed by Apple.

0 Likes

#3

Thank you very much for a quick answer! And sorry if this is really not the right forum, I was just curious if this was somehow implemented in Expo.

I believe I already have the root certificate, it is provided from our CA. Do you mean that I need to manually add the certificate to use for every mobile device that downloads the app?

0 Likes