I need to implement mutual TLs in react native and I am using axios as a client
Related
I am reading all about E2EE and TLS but its mostly about the differences between them and not about if and how they should or should not be used together. So I was wondering if these two should be used together when developing a chat application using SocketIO or websockets. I have used TLS before when creating client-server communication with SocketIO so I know how this works but how does this integrate with end-to-end-encryption? Are you supposed to replace TLS with E2EE or should you send e2ee encrypted chatmessages over a TLS connection?
I would like to know how can we encrypt using AES and Expo for react native.
The expo-crypto seems to be only providing hashing and no real encryption.
Is there a way to do this with Expo?
We've used javascript fetch API to connect to server which has self signed certificate, not issued by a trusted CA.
The scenario is that the user gets an option to enter custom server URL that will be changing based upon different customers(enterprises) as we've configured different servers for different customers in their infrastructure for our B2B Android App.
I did a lot of research but didn't find a way in react native android to trust them programmatically in javascript or native module.
I want to secure api, used by react native app.
If authorisation header is sent user can read a request and access data so to avoid this I want to use SSL certificate for client and server.
Now if I place certificate in asests folder it will be accessible to the users whoever download the apk.
Is it possible for the user to get the client side certificate from asests. If yes how can it be avoided.
Can anybody suggest how to bypass or deal with the SSLHandshakeException while working on React Native Android app?
In iOS, we are able to do so by setting TSL flas as TRUE in info.plist file.
FYI, the server's certificate seems valid when we try to access any of its web service in a browser.