问题
Few weeks ago, our app in our playstore stopped working on very few android devices. After debugging, we found out that the app isn't able to connect with our server due to cert validation failure. Our server certificates are very much valid. Don't know why it is not recognized by few devices all of a sudden. While debugging we tried to connect our app with another certificate chain which is cross-root enabled(to support SHA-1 and SHA-2), it worked well.
Was there any security update in android devices recently to enforce strict SHA algorithm validation? will enabling cross-root on certificate open any vulnerability? Your answers are much appreciated.
回答1:
This seems to issue with specific versions of Webview/Chrome. Check here for more info : https://www.chromium.org/developers/androidwebview/webview-ct-bug
"The only action WebView developers can take is to ask the user to update WebView."
Sample code is provided here to check affected webview/chrome versions and redirect to Play Store: https://github.com/ntfschr-chromium/ct_workaround
来源:https://stackoverflow.com/questions/41062348/ionic-android-app-ssl-cert-error-primary-error-5