6

I'm developing a progressive webapp and, in order to make sure it's working on mobile device (and particularly on Chrome for Android as it's 90% of users), I'm trying to test service worker on an Android device.

Unfortunaltely, on Chrome for Android, I'm unable to register the service worker :

An SSL certificate error occurred when fetching the script.

Failed to load resource: net::ERR_CERT_AUTHORITY_INVALID

I know service worker needs to be served over HTTPS so I have a self-signed certificate for my webapp. It is not trusted by browsers but it is still possible to proceed anyway. When using Firefox for Android, no problem I can sign to push notifications and register the service worker but with Chrome it's not working.

On Chrome for desktop, it's possible to enable service worker over non-secure origin with dev tools. I hoped to find the equivalent flag that I could use on mobile but none exists.

Is there a way to authorize service worker on Chrome Android for debug purpose?

I found an old question with no helpful answer there about the same issue and decided to open this one up for visibilty.

Community
  • 1
  • 1
Dave Smith
  • 219
  • 1
  • 3
  • 11

2 Answers2

2

From the other StackOverflow post you're referring to, I can see the solution is in the question.

You need to add a Certificate Authority crt to your Android trust list.

Why specifically a Certificate Authority .crt ?

Simply because Android only accepts CA certificates.

How do I get a CA certificate?

Normally, a Certificate Authority (CA) acts as a trusted third party. For debug purpose, you can act as a CA to issue self-signed certificate yourself.

  1. Create a root key: openssl genrsa -des3 -out rootCA.key 4096 (warning : anyone holding this can sign certificates on your behalf !)

  2. Create and self sign the Root Certificate: openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 1024 -out rootCA.crt

Remember that your webapp's SSL certificate needs to be generated with that same self-created CA.

Install certificate on Android device

Once you got your .crt file, copy it inside your device. Then go to Settings > Security > Install from storage. It should detect the certificate and let you add it.

To make sure it's installed correctly, go to Trusted Credentials > User.

VictorGalisson
  • 635
  • 9
  • 27
  • 1
    I add already created a CA certificate but thanks anyway for the explanation steps. I added it and it works ! – Dave Smith Jun 18 '18 at 14:59
  • I installed the self-trusted CA on my phone, but still getting insecure padlock warning. I filed my steps [here](https://stackoverflow.com/questions/62503177/can-not-debug-service-worker-on-an-android-phone) – Avner Moshkovitz Jun 21 '20 at 19:49
2

I solved this problem by portforwarding. You can find further info in my original answer here: https://stackoverflow.com/a/56146180/5048121

kudlohlavec
  • 464
  • 4
  • 18