In iPhone with Titanium, the webView (Ti.UI.WebView) will only allow content from sites with trusted, verified certificates. A simple modification to the iOS code in the SDK tells the webView to accept all pages regardless of certificate. Refer to instructions on Customizing the Titanium SDK for steps to modify the SDK.
This solution comes from an answer in the Titanium Mobile QA site: http://developer.appcelerator.com/question/120117/webview-ssl-certificate-error---no-way-to-accept-expired-server-certificate---ipad-app#answer-213681
Steps to modify SDK (either Titanium Mobile SDK source or an already build Titanium Mobile SDK):
- Open <sdk>/iphone/Classes/TiUIWebView.m (/Library/Application Support/Titanium/mobilesdk/osx/<sdk-version>/iphone/Classes/TiUIWebView.m)
- Above
@implementation TiUIWebView
add:@interface NSURLRequest (DummyInterface) + (BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host; + (void)setAllowsAnyHTTPSCertificate:(BOOL)allow forHost:(NSString*)host; @end
- Then look for this method
-(void)setUrl_:(id)args
and modify code to match this:if ([self isURLRemote]) { NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url]; // Use the private method setAllowsAnyHTTPSCertificate:forHost: // to not validate the HTTPS certificate. [NSURLRequest setAllowsAnyHTTPSCertificate:YES forHost:[url host]]; [self loadURLRequest:request]; if (scalingOverride==NO) { [[self webview] setScalesPageToFit:YES]; } }
- Rebuild your app (after deleting <project-root>/build/iphone) and you should be able to open all https:// pages in the webview.
Note that this is only necessary for webviews because Ti.Network.HTTPClient has a bool property of validatesSecureCertificate
which allows the developer to specify whether or not to allow invalid certs for http requests.