cordova-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tommy-Carlos Williams (JIRA)" <>
Subject [jira] [Commented] (CB-3351) Support for mutual SSL (on Ajax calls)
Date Tue, 11 Jun 2013 10:54:20 GMT


Tommy-Carlos Williams commented on CB-3351:

I am currently looking into client certificate authentication for our app, and my research
so far has led me to believe that, at least on Android, this would be unlikely to be a good
fit for inclusion in Cordova.

There is a project to provide client certificate authentication to the Android webView[1],
but it is hindered by requiring access to private APIs in Android 4.x[2]

iOS might be able to handle it with a plugin rather than a modification of Cordova itself,
but I have not looked into it very deeply yet. At least on iOS I know that it is possible
with native NSUrlConnections.


> Support for mutual SSL (on Ajax calls) 
> ---------------------------------------
>                 Key: CB-3351
>                 URL:
>             Project: Apache Cordova
>          Issue Type: New Feature
>          Components: Android, BlackBerry, WP8
>    Affects Versions: 2.6.0
>            Reporter: Eloy Gonzalez
>              Labels: clientcertificate, mutualSSL, ssl
> In some situations, two-factor authentication is required, and client certificates (a
X.509 certificate with a enhanced key usage) are a popular choice as a first
factor. With mutual SSL, the client verifies the server's identity (server authentication)
and the server verifies the client's identity (client authentication). Unfortunately, Cordova
does not support mutual SSL.
> This issue is relate to CB-2669, but not only for iOS

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message