java.security.cert.CertPathValidatorException: Trust anchor for certification path not found in React-Native

Question

I am building an app in react-native and using axios package for post request. I get the error when axios post request in react-native android app. SSL certificate is signed with letsencrypt.

Https request is working with React-Native 0.47.2 but after upgrading to React-Native 0.55.0 it gives the certificate error.

Certificate is working in both desktop and mobile browsers as well as on application web portal but not working in android app.

Versions android: 8.0.0 React Native: 0.55.0

Error

"java.security.cert.CertPathValidatorException: Trust anchor for certification path not found."

score 3 · Answer 1 · edited Mar 04 '20 at 12:07

3

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">10.0.2.2</domain><!-- Debug port -->
        <domain includeSubdomains="true">abc.online</domain>
        <trust-anchors>
            <certificates src="@raw/abc"/>
        </trust-anchors>
    </domain-config>
</network-security-config>

This works for me, 10.0.2.2 is the default number for the emulator to communicate with localhost on your machine. If you are using your phone, it should be another IP address.

edited Mar 04 '20 at 12:07

Taazar

1,547
17
27

answered Mar 04 '20 at 08:50

Ming Li

29
1
2

This is working for me. Thanks a lot – mandeepsinghn May 05 '20 at 13:57
how can I get .cer file? – Pooja Rajendran C May 25 '21 at 08:37
1

@PoojaRajendranC - Export the SSL certificate from your hosting (generally via Control Panel) then use the OpenSSL executable (`C:\Program Files\Git\usr\bin\openssl.exe`) to transform the file into a .CER extension. – Angelo Oct 19 '21 at 01:46

score 0 · Answer 2 · answered Apr 13 '19 at 06:17

I have solved this issue using the following solution.

From Android 9(Pie) we need to set networkSecurityConfig into AndroidManifast.xml

<application android:networkSecurityConfig="@xml/network_security_config">

</application>

Now Create a new xml resource file with the name network_security_config.xml into value/xml folder. This Configuration applies to the base configuration, or the default security configuration, of the app and disables all clear text traffic.

<network-security-config>
  <domain-config cleartextTrafficPermitted="false">
    <domain includeSubdomains="true">172.16.33.1</domain>
  </domain-config>
</network-security-config>

For more information, you check the following links

https://codelabs.developers.google.com/codelabs/android-network-security-config/#3

https://developer.android.com/training/articles/security-config

https://medium.com/@son.rommer/fix-cleartext-traffic-error-in-android-9-pie-2f4e9e2235e6

score -1 · Answer 3 · answered Sep 19 '18 at 08:09

-1

The meaning of that exception is that the domain name that you have used is stg server means it has private dns. Solution 1 So in that case ask your server guy to make a certificate file with ext. .cert for you. And after that install it on your device and then add dns1 and dns2 to your wifi.

Solution 2 Instead of using domain name as url use ip address of your server.it may solve this problem too

answered Sep 19 '18 at 08:09

Md.ibrahim khalil

459
3
7

The meaning of that exception is that the signer of the certificate is not trusted by this client. Nothing to do with DNS whatsoever. – user207421 Mar 04 '20 at 09:29

java.security.cert.CertPathValidatorException: Trust anchor for certification path not found in React-Native

3 Answers3