mTls Client Certificate authentication not working as in Android

[yiqisweet]

But the ios system is normal

inappwebview 6.0.0

Can I get any suggestions for solving the error?

Thanks!

[github-actions]

👋 @yiqisweet

NOTE: This comment is auto-generated.

Are you sure you have already searched for the same problem?

Some people open new issues but they didn't search for something similar or for the same issue. Please, search for it using the GitHub issue search box or on the official inappwebview.dev website, or, also, using Google, StackOverflow, etc. before posting a new one. You may already find an answer to your problem!

If this is really a new issue, then thank you for raising it. I will investigate it and get back to you as soon as possible. Please, make sure you have given me as much context as possible! Also, if you didn't already, post a code example that can replicate this issue.

In the meantime, you can already search for some possible solutions online! Because this plugin uses native WebView, you can search online for the same issue adding android WebView [MY ERROR HERE] or ios WKWebView [MY ERROR HERE] keywords.

Following these steps can save you, me, and other people a lot of time, thanks!

[DKAC]

We are getting the same error message here for Android... the code looks basically the same. With 5.8.0, the problem did not occur, but we cannot use that version anymore. I tried 6.1.5 and 6.2.0-beta.2. Also, with the certificate test site badssl.com, the same code is working fine.
Edit: I have some more Info on this ticket. After installing the certificate on an android device and opening the webpage in chrome, the "choose certificate" dialog is presented. There is only one certificate to choose and if I do confirm that certificate, the website loads correctly. However, when I press the "deny" button, I first see an ERR_EMPTY_REPONSE page and a second later, an ERR_BAD_SSL_CLIENT_AUTH_CERT page (which are exactly the two error message, that I see when using the InAppWebView). Here is the code from the build-method:

    InAppWebView(
      initialUrlRequest: URLRequest(url: WebUri(url)),
      onReceivedHttpAuthRequest: (controller, challenge) async =>HttpAuthResponse(action: HttpAuthResponseAction.PROCEED),
      onReceivedServerTrustAuthRequest: (controller, challenge) async => ServerTrustAuthResponse(action: ServerTrustAuthResponseAction.PROCEED),
      onReceivedClientCertRequest: (controller, challenge) async => ClientCertResponse(
          action: ClientCertResponseAction.PROCEED,
          certificatePath: certPath,
          certificatePassword: certPassword,
        ),
    )

And here is the console output:

[AndroidInAppWebViewWidget] (android) AndroidInAppWebViewWidget ID 2 calling "onWebViewCreated" using []
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onProgressChanged" using {progress: 10}
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onReceivedClientCertRequest" using {protectionSpace: {protocol: https, sslCertificate: null, port: 443, authenticationMethod: null, receivesCredentialSecurely: null, host: xxxx.xxxxxx.xx, proxyType: null, realm: null, isProxy: null, sslError: null, distinguishedNames: null}, principals: [CN=XXXXXX-PRIVATE-ISSUING-CA,DC=xxxxxx,DC=root,DC=corp, CN=ENCEVO-PRIVATE-ROOT-CA], keyTypes: [RSA, ECDSA]}
E/chromium( 3026): [ERROR:aw_contents_client_bridge.cc(255)] No client certificate selected
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onLoadStart" using {url: https://xxxx.xxxxxx.xx/xxx/xxx?xxx}
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onReceivedError" using {request: {headers: {User-Agent: Mozilla/5.0 (Linux; Android 11; Android SDK built for x86 Build/RSR1.210210.001.A1; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/83.0.4103.106 Mobile Safari/537.36, Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9, Upgrade-Insecure-Requests: 1}, isRedirect: false, method: GET, hasGesture: false, isForMainFrame: true, url: https://xxxx.xxxxxx.xx/xxx/xxx?xxx}, error: {description: net::ERR_EMPTY_RESPONSE, type: -1}}
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onLoadStop" using {url: https://xxxx.xxxxxx.xx/xxx/xxx?xxx}
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onUpdateVisitedHistory" using {isReload: false, url: https://xxxx.xxxxxx.xx/xxx/xxx?xxx}
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onProgressChanged" using {progress: 70}
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onTitleChanged" using {title: Webseite nicht verfügbar}
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onProgressChanged" using {progress: 80}
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onProgressChanged" using {progress: 100}
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onProgressChanged" using {progress: 100}
[AndroidInAppWebViewController] (android) WebView ID 2 calling "onPageCommitVisible" using {url: https://xxxx.xxxxxx.xx/xxx/xxx?xxx}

I tried to add 'selectedCertificate: 0' to the ClientCertResponse despite it being flagged as Windows only, but as expected, with the exact same output.

I hope this helps to further analyse the ticket.