search

transistorsoft / cordova-background-geolocation-lt

The most sophisticated background location-tracking & geofencing module with battery-conscious motion-detection intelligence for iOS and Android.
http://www.transistorsoft.com/shop/products/cordova-background-geolocation
Other
656 stars 277 forks source link

Certificate for <developer.huawei.com> doesn't match any of the subject alternative names #1439

Closed kevinmcody closed 1 month ago

kevinmcody commented 1 month ago

Your Environment

Expected Behavior

I should be able to build the project

Actual Behavior

The project fails to build, with many errors regarding developer.huawei.com, all similar to the what I pasted in the "logs" section below:

Steps to Reproduce

  1. From a fresh cordova project
  2. cordova platform add android
  3. cordova plugin add cordova-background-geolocation-lt
  4. cordova build android --debug

Context

Build the project. Note that this worked perhaps a month or two ago.

Debug logs

Logs ``` > Could not resolve all files for configuration ':app:debugRuntimeClasspath'. > Could not resolve com.huawei.hms:availableupdate:6.5.0.300. Required by: project :app > com.huawei.hms:location:6.9.0.300 > com.huawei.hms:base:6.5.0.300 > Could not resolve com.huawei.hms:availableupdate:6.5.0.300. > Could not get resource 'https://developer.huawei.com/repo/com/huawei/hms/availableupdate/6.5.0.300/availableupdate-6.5.0.300.pom'. > Could not GET 'https://developer.huawei.com/repo/com/huawei/hms/availableupdate/6.5.0.300/availableupdate-6.5.0.300.pom'. > Certificate for doesn't match any of the subject alternative names: [a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net] ```
christocracy commented 1 month ago

I will generate a fresh Cordova project and attempt to reproduce.

You should really migrate away from Cordova.

I support Capacitor, React Native and Flutter (my favourite).

kevinmcody commented 1 month ago

Thanks.

I worked around it temporarily by doing something my IT security folks should never know about (a Gradle plugin that ignores SSL errors while pulling in external repos): https://stackoverflow.com/questions/51658086/how-to-configure-gradle-to-bypass-ssl-certificate-validation

(As for Cordova, LOL I 100% agree! Sadly the suits that manage my time have other priorities)

kevinmcody commented 1 month ago

Update - the temporary workaround did not, in fact, work. Nor did several other attempts I made to force Gradle / Java to ignore cert validation errors.

Any luck reproducing this?

christocracy commented 1 month ago

I just generated a fresh Cordova app, added the plugin, pasted the example and it works fine. The plugin requests permissions at app launch (you're probably not even getting the android app to build)

$ cordova platforms
Installed platforms:
  android 12.0.1
kevinmcody commented 1 month ago

I'm grasping at very thin straws right now: what version of Gradle are you using?

christocracy commented 1 month ago

platforms/android/gradle/gradle-wrapper.properties

distributionUrl=https://services.gradle.org/distributions/gradle-7.6-all.zip
kevinmcody commented 1 month ago

I think I fixed this by changing JDKs, which sounds kinda crazy but hear me out:

The Huawei stuff that was being pulled in was all at developer.huawei.com, which apparently redirects to a CDN called "akamai.net". When I went to the repos directly in a browser I was able to download them without issue; it was just Gradle running in Powershell that was complaining. I'm thinking maybe the Java HttpClient simply was not smart enough to navigate the redirects.

I switched my JAVA_HOME environment variable from OpenJDK11 to the JetBrains Java Runtime that ships with Android Studio, and now it successfully pulls in all the repos and builds.

christocracy commented 1 month ago

and now it successfully pulls in all the repos and builds.

Awesome, well done. You're a champ!