search

treflehq / trefle-api

🍀 Trefle is a botanical JSON REST API for plants species, allowing you to search and query over all the registered species, and build the next gardening apps and farming robots.
https://trefle.io
GNU Affero General Public License v3.0
482 stars 50 forks source link

Certificate verify failed on mobile application #45

Closed BadisB closed 4 years ago

BadisB commented 4 years ago

Hello,

First of all thank you for the big work behind this API!

I am developping a Flutter application using the Trefle API, on my android phone when waiting for a response from the API I get this error in the console:

Unhandled Exception: HandshakeException: Handshake error in client (OS Error: CERTIFICATE_VERIFY_FAILED: unable to get local issuer certificate(handshake.cc:354))

I searched for the certificate using the Chrome or Firefox app on my phone and it seems that trefle.io is using a HSTS technology for the certificate as described here:

Le site www.trefle.io est actuellement inaccessible, car il utilise la technologie HSTS. Les erreurs réseau et les attaques sont généralement temporaires. Vous devriez donc pouvoir accéder à cette page plus tard.

Let's say I search a plant on my app, say "basil", the uri would look like that:

https://trefle.io/api/v1/plants?token=[PERSONAL_KEY]&q=basil

If I type it directly on Chrome or Firefox (desktop) I get a JSON. If I type it from my android mobile phone Chrome or Firefox I get a certificate issue.

What's wrong? Do you think it has a issue with https instead of http?

BadisB commented 4 years ago

Hello again, fixed the issue by editing my code. Made a mistake by having the url including "www".

It must be in the form of: https://trefle.io/api/v1/plants?token=[PERSONAL_KEY]&q=basil

and not: https://www.trefle.io/api/v1/plants?token=[PERSONAL_KEY]&q=basil