Not working with Virgin Australia if open the link

[joseph-so]

From the Virgin Australia check in link (Email / SMS), if you choose open in PassAndroid, it will not add the pass into PassAndroid. You have to save it (from example, open in Chrome in desktop, simulate as IPhone 6, add to passbook to get the pkpass file (to Google Drive)) and than can add into the app.

The pass was able to add into the app directly last year by opening the check in link

[ligi]

thanks - I already spend some time on this and it is more complicated than it looks - It is not only is an iphone User-Agent fake needed but also the certificates are not accepted by android - this is a real mess there and even a moving target so I figured I do not want to spend more time on this ..

[rivaldi8]

I'm having a similar problem, not sure if it is the same, though. PassAndroid fails to open a link from an email with this error:

org.ligi.passandroid W/PassAndroid﹕ Not Fatal Exception IOException in ImportAsyncTask javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

The link is this one from Renfe. The file is no longer available but, if it's an issue with the certificates, it may still be useful.

Am I having the same problem as with Virgin?

[ligi]

Have to close this as nothing is reproduceable for me here

[sytolk]

@ligi what about PassAndroid to support self signed certificates? You can check this: https://github.com/square/okhttp/blob/master/samples/guide/src/main/java/okhttp3/recipes/CustomTrust.java

or this: https://gist.github.com/chalup/8706740

[ligi]

AFAIR I was testing a custom trust with Virgin & it was not working :-(

[sytolk]

Have you try with okhttp3 CustromTrust example ? All its need to know is Virgin certificate PEM string. It works for me with my self signed certificate. But I think there is not problem (for downloading .pkpass) to trust everyone certificates.

[ligi]

Not sure if this was already okhttp3 at this time - unfortunately I cannot test this anymore as the link is no more valid ..

[sytolk]

What about to trust everyone? Now ImportAsyncTask will fail to open every https:// link with self signed certificate (not trusted from the authority). This is the same like to download file from https:// link with manually to add certificate exception to web browser.

[ligi]

I have to think about this one - at least there should be a warning to the user IMHO