Question
I developed a web application for Tizen TV (versions 3.0/4.0) that needs to communicate with a server using HTTPS. The connection fails with the following error:
POST https://xxxxxxxxxxx.net:8443/clientapplication.net::ERR_INSECURE_RESPONSE
The server uses a self-signed certificate. The connection works fine with HTTP, but fails with HTTPS.
I suspect I need to add the CA certificate to Tizen's trust list or configure the web engine to accept self-signed certificates. Are there any other solutions to this problem?
Answer
Problem Understanding
The issue occurs when trying to establish a secure HTTPS connection from a Tizen TV web application to a server using a self-signed certificate. By default, Tizen's web engine rejects self-signed certificates for security reasons.
Solution Methods
-
Add Internet Privilege and Access Policy Ensure your config.xml includes the necessary privileges:
<tizen:privilege name="http://tizen.org/privilege/internet"/> <access origin="*" subdomains="true"/> -
Handle Self-Signed Certificates For development purposes, you can configure your application to accept self-signed certificates:
- For web applications: Use the
tizen:allow-navigationelement in config.xml - For native applications: Implement certificate pinning or custom certificate validation
- For web applications: Use the
-
Proper Certificate Installation For production environments, consider:
- Obtaining a certificate from a trusted CA
- Properly installing the certificate on your server
- Ensuring the certificate chain is complete
Code Examples
For web applications, add this to your config.xml:
<tizen:setting allow-navigation="*" />
<tizen:privilege name="http://tizen.org/privilege/internet"/>
<access origin="*" subdomains="true"/>
Additional Tips
- For production applications, avoid using self-signed certificates
- Test your application with valid certificates before deployment
- Consider using Let's Encrypt for free trusted certificates
- Review Samsung's documentation on secure communications for Tizen TV
