0

I have created an API and an application with Xamarin (cross-platform, for Android and iOS both). The first screen is a login page that perform an HTTP request to API. It works fine on Android Emulator, but not in Android device that I have connected with debug mode. I have already add the string '' in applicationhost.config and my operation are all async operation. Can i solve it?

Thank you a lot!!!

marco
  • 121
  • 1
  • 10
  • Is your API hosted on an IIS server? or you are just in debug mode? – Jamshaid K. Mar 10 '22 at 13:28
  • My API is on IIS server of my localhost. Http request is on 10.0.0.2:44337/urlapi – marco Mar 10 '22 at 13:30
  • Is it hosted or running in the debug mode ? Can you make a call to your API using `http://127.0.0.1:44337/urlapi`? – Jamshaid K. Mar 10 '22 at 13:32
  • Is running in debug mode, from Visual Studio. If I call 127.0.0.1/urlapi with Android device I have a "Connection denied". If I call 10.0.0.2/urlapi it never return. – marco Mar 10 '22 at 13:35
  • 1
    Better to host your API to IIS server and try. `Localhost` is not accessible from out of the computer env. To access it on local network, host the api to your `IIS` server instead of inbuilt `IIS Express` of visual studio. – Jamshaid K. Mar 10 '22 at 13:36
  • How can I host my API on IIS server? Thansk a lot – marco Mar 10 '22 at 13:39
  • Ok, I try. Thank you very much. I hope to solve it! – marco Mar 10 '22 at 13:43
  • the dev IIS server in VS cannot handle remote requests by default, You need to enable remote requests in the config. This is exhaustively documented – Jason Mar 10 '22 at 13:47
  • Ok, I tried to host my API to IIS, byt unsuccessfull. – marco Mar 10 '22 at 14:55
  • Now, I've tried with iisexpress-proxy package from npm and it work. But now in android device I have the following message, "The ssl connection could not be established see inner exception". I have already set the HttpClientHandler. – marco Mar 10 '22 at 14:57

2 Answers2

0

It seems like you may be using HTTP instead of HTTPS. Newer versions of Android require you to take special steps to allow "insecure" HTTP only calls. See the documentation.

You definitely should use HTTPS in your final product in which case this wouldn't be necessary. In the meantime, you may be using a self-signed SSL certificate, add the android:usesCleartextTraffic XML attribute to your XML tag in the manifest:

<application android:usesCleartextTraffic="true" ... >

This answer goes into more detail as well.

Trevor Balcom
  • 3,766
  • 2
  • 32
  • 51
-1

You could try to bypass the certificate using below code.

 HttpClientHandler clientHandler = new HttpClientHandler();
 clientHandler.ServerCertificateCustomValidationCallback = (sender, cert, chain, sslPolicyErrors) => { return true; };   

HttpClient client = new HttpClient(clientHandler)
Wendy Zang - MSFT
  • 10,509
  • 1
  • 7
  • 17
  • Yes, I've already tried this. With this I bypass the certificates in Android Emulator, but not in Android phisically device. – marco Mar 11 '22 at 12:02
  • @MarcoSpallone This code will essentially disable SSL certificate checks. You don't want to leave this code in your released app. – Trevor Balcom Mar 11 '22 at 21:22