Using the Apache Ripple emulator with a self signed SSL certificate

Question

I am experiencing a problem using Cordova 5.1.1 and Apache Ripple 0.9.32. I am trying to connect to a C# Web API 2 web service running in debug in Visual Studio 2013 using IIS Express and a self signed SSL certificate.

Ripple, which is running on the default proxy of http://localhost:4400, reports

INFO: Proxying cross origin XMLHttpRequest - https://localhost:44300/api/account/login
ERROR: Proxying failed with: [Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE]

When I debug the web service without SSL everything works correctly.

Can anyone shed any light on this, or will I need to get an SSL certificate from an authority?

I am aware this may be related to https://stackoverflow.com/questions/32805507/apache-ripple-emulator-and-ssl-test-certificates.

Answer 1

Perhaps a config option? From rippled.cfg:

/* If ssl_verify is 1, certificates will be validated

Use this if you have a certificate issued by a Certificate Authority

To allow the use of self-signed certificates for development or internal use,

set this to ssl_verify to 0. */

[ssl_verify]

1

Answer 2

I've come up with a workaround which is good enough for now.

1. Create a shortcut to run Chrome with the --disable-web-security flag set. For further information see my answer at Visual Studio, Ripple Emulator and CORS/Cross Domain Ajax
2. Start Ripple using either the command line or Visual Studio
3. Start an instance of Chrome using the shortcut from 1.
4. Browse to your Ripple url and issue your request over HTTPS
5. This will fail and the dev tools console will show POST https://mydomain:port/api_endpoint net::ERR_INSECURE_RESPONSE
6. In a new tab browse to your https://mydomain:port url
7. This will result in a "Your connection is not private" web page. Click on "Advanced", and then on "Proceed to https://mydomain:port (unsafe)" to accept the self signed SSL
8. Now back on the Ripple tab try issuing your request again and it should succeed.