You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by GitBox <gi...@apache.org> on 2019/03/05 12:47:47 UTC

[GitHub] [cordova-plugin-file-transfer] Mr-Anonymous commented on issue #225: SSLHandshakeException: Chain validation failed

Mr-Anonymous commented on issue #225: SSLHandshakeException: Chain validation failed
URL: https://github.com/apache/cordova-plugin-file-transfer/issues/225#issuecomment-469667317
 
 
   Here is an update. I may have resolved this issue in the end. Like I suspected, it did turn out to be due to OCSP Stapling renewal. It last expired on March 4 and hence the upload from mobile app stopped working in Mar 5. The server did not renew the OCSP stapling although it was enabled in the SSL setting. So I did the following changes to the web server config.
   
   1. `nano /etc/apache2/conf.d/includes/pre_main_global.conf`
   ```
      # ADDED THIS
      <IfModule Litespeed>
       SSLStaplingCache shmcb:/tmp/stapling_cache(128000)
      </IfModule>
   ```
   
   2. `nano /etc/apache2/conf.d/userdata/lscache_vhosts.conf`
   ```
      # Added This
      <IfModule Litespeed>
       SSLUseStapling on
      </IfModule>
   ```
   
   3. Apply these changes to all Virtual Hosts by running the following command:
   ```
   	/scripts/ensure_vhost_includes --all-users  
   ```
   	
   After that, the mobile uploads started to work on these devices. Although I am yet to receive confirmation from our users but from my testing, it seems to work in the emulators. It appears Chrome and most browsers does not care much about the OCSP Stapling expired error but it seems the file transfer cordova plugin was very strict about it and rejected the file upload due to this.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org