My React Native mobile application suddenly cannot connect with the backend.
(only android version, iOS works without any problem).
Also I can request the API without problem by using the browser.
This just suddenly happened, when the problem start where were no changes in the server side or in the mobile application, but all android apps stop to connect to the server.
The exception in the mobile application says:
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
I have reviewed every answer in Stack Overflow but nothing works so far.
These are the main points:
- My mobile app is made with react-native and Expo, the SSL certificated is issued by LetsEncrypt.
- The certificate from my API is correct, it works perfectly with iOS and any web browser.
- The backend is a
react-jsapplication running with annginx 1.22.1server.
In the mobile:
- I tried another app (api tester) for android and I get the same error trying to communicate with my API. (but again, my ssl certificate seems to be OK).
- In my mobile app, I tied to fetch data from a random open API in internet and it works without problem.
- I also tried to use
fetchinstead ofaxiosbut also fails to connect. - I also look how to do an ssl certificate
pinningas a temporary solution but the problem is that I’m using expo and I didn’t find the way to do it with it.
Some relevant dependencies version are:
"dependencies": {
...
"axios": "^1.1.3",
"expo": "^44.0.0",
"expo-cli": "^5.4.3",
"react": "17.0.1",
"react-native": "0.64.3",
"react-native-gesture-handler": "~2.1.0",
...
},
In the server:
- I tried with a certificate issued by ZeroSSL but still have the same problem.
- I also tried add the certificate issuer to the "trusted credentials" in android, but this issuer already was in there.
- I also tried renew the certificate using
certbotwith the flag--preferred-chain="ISRG Root X1"
Given all this test it seems to be a server side problem, but no other device have problem with it, only android; Also I test the certificate and its OK
I also test the certificate with this website
https://www.ssllabs.com/sstest
And this was the result
I will be grateful for any clue you can give me.
Regards!
2
Answers
I managed to make the application connect with my API successfully, but I'm still researching the origin of the problem.
More context:
It seems to be a problem of the library
axios(specificallyaxiosinstance). Its weird because I didn't change anything in the android app, it just suddenly stopped to work. (in all the android devices at the same time).And just doing tests I realized that
axiosinstancefail by doing the request (with the exception that I already showed you), but in an inexplicable way if the first request pointing to my API that I do in the app is by usingaxiosit works perfectly, and after thataxiosinstanceis capable to perform any request to my API without fail.I know it sounds weird, but now my app is working again.
By other Side, just to let you know, I also tested an android app called
API Tester v5.6and it fails connecting to my API giving me the same exception, but it last versionAPI Tester 5.7(which was released just some days ago) works without problem.I also tried to connect to my API with
ApiClient v2.4.7and it fails with the same exception.Again, I don't understand what is the real problem but definitely is not the certificate.
Anyway, now you know, maybe I should post this problem to the axios guys?
Regards!
We also faced this issue and it took us a few days to figure it out.
Basically, on older Android versions TLS v1.3 is not supported.
So make sure to disable TLS v1.3 on your domain. Having TLS v1.3 along with TLS v1.2 al enabled also doesn’t work. TLS v1.3 needs to be disabled
Apart from this make sure
android:usesCleartextTraffic="true"attribute is set