robhogan
commented
7 years ago The "browser" in this case is really just React Native's underlying WebSocket implementation, so you might ask "How do I use a custom CA / certificate pinning with React Native websockets?".
The short answer is there's no out-of-the-box way to do it. The long answer:
React Native uses okhttp under the hood on Android (see here), and CFStream on iOS (here). Googling around, it'd be possible if developing natively to supply custom CAs to either of those, but when using RN it looks like there's no API to do so.
I haven't looked exhaustively and I might be wrong, but I think this would need a PR to react native to achieve cleanly - or you can provide your own native implementation of WebSocket and have this library use your implementation instead, by passing your own WebSocket constructor as a Client constructor parameter named webSocket like the tests do.
On iOS it looks like it shouldn't be too much work, since RCTSRWebSocket.m already supports the option RCTSR_SSLPinnedCertificates. You'd just need to modify/override RCTWebSocketModule.m to allow pinned certificates to be passed as a connection parameter.
On Android, you'd need to provide a way here to build the OkHttpClient with certificatePinner.
I might have a closer look at this later since it's an interesting problem, but I can't guarantee anything. Hope the info helps.
JulianKingman
carljoachim
insytes
pedry98
KrifaYounes
FrozenPyrozen
bearkillerPT
I searched around the googles for a while, but wasn't able to come up with anything. How does one use this client with SSL and a certificate authority file? The MQTT.js library has a way to handle it, and the original paho suggests that it's something handled by the browser (https://github.com/eclipse/paho.mqtt.javascript/issues/97), but as we don't have a browser in the RN version, what needs to happen for it to work? We should be able to test it on wss://test.mosquitto.org:1883/