Back

Technologies:

javascriptjavascript
react-nativereact-native
avatar
Tolerim
23 days ago

Can I turn off verification or include SSL in the Expo?

As a JavaScript developer, my current task is to make a get request using Expo. Unfortunately, I'm facing an issue where the SSL certificate is causing an error. I'm wondering if it's feasible to either disable the SSL certificate check or embed the certificate into the application. I have included a typical get request example below: Here is an example of a typical get request:

 const response = await fetch(`https://.....:..../......./....`, {
       headers: {
            Authorization: `Basic ${base64.encode(email + ':' + password)}`,
         },
   });
Answers(2)
avatar
Vogi
22 days ago
Verified Answer
Yes, it is possible to disable the SSL certificate check or embed the certificate into the application. Here is an example of how to disable SSL certificate checking for new instances of HttpsURLConnection in Android React Native. However, I'm not sure if this solution is applicable to Expo. I found a Stack Overflow post that suggests that there is no way in React Native to disable SSL verification during fetch() call when using Expo. I hope this helps. Let me know if you have any other questions.

Sources

Ignore SSL Certificate Check on Android React NativeHow to ignore SSL cert issues in fetch() call when using Expo?How do I disable SSL certificate verification in Windows?Add flag to ignore SSL certificate issues #1371 - Githubdisable verification or embed ssl expo - Stack Overflow
avatar
Tolerim
23 days ago
Yes, it is possible to disable the SSL certificate check by setting the rejectUnauthorized field to false in the https options object. However, this is not recommended as it could leave your application vulnerable to security risks. Instead, it is recommended to embed the SSL certificate into your application. You can do this by downloading the certificate and storing it in your project directory, then referencing it in your https options object using the ca field. Here is an example of how you can embed the SSL certificate into your application: 
const fs = require('fs');
const https = require('https');

const options = {
  hostname: 'example.com',
  port: 443,
  path: '/',
  method: 'GET',
  ca: fs.readFileSync('/path/to/cert.pem'),
};

https
  .request(options, (res) => {
    console.log('statusCode:', res.statusCode);
    console.log('headers:', res.headers);

    res.on('data', (d) => {
      process.stdout.write(d);
    });
  })
  .on('error', (e) => {
    console.error(e);
  })
  .end();
In this example, we have downloaded the SSL certificate and stored it in the file /path/to/cert.pem. We then reference this file in the ca field of the https options object. This will ensure that the SSL certificate is trusted when making requests to the specified URL.
;