[OutSystems Now] Server certificate is not trusted

[OutSystems Now] Server certificate is not trusted

  
Forge Component
(35)
Published on 4 May by OutSystems R&D
35 votes
Published on 4 May by OutSystems R&D
Hi.
I am trying to use OutSystems Now with a server that has a self-signed SSL certificate, but it is not working. It gives me the following error:

An SSL error has occurred because the server's certificate is not trusted.

I remember that this had worked in the past, so here's the question: does OutSystems Now accept self-signed certificates? If it doesn't, is there any procedure to trust a self-signed certificate?

Thanks,
Leonardo Fernandes
Hello Leonardo

We updated OutSystems Now a couple of weeks ago with some security improvements. One of those improvements was related to certificates. Until that update, OutSystems Now already worked with HTTPS but it allowed invalid certificates to be used. With the update, we enforced only valid certificates.
 
However, we realized that some customers would have issues with this approach, mainly in development environments where it's common not to have valid certificates. To address this, we launched another version with the option to accept invalid certificates at the user's risk. This behavior is very similar to what most browsers do nowadays (ask the user to continue because the certificate is not valid).
 
Although it's now possible again to use invalid certificates, we do recommend the usage of a valid certificate as a best practice. Please confirm that you have the latest version of OutSystems Now.
 
Thanks in advance

Hello,

I confirm that this is no longer an issue using the Outsystems Now application. A prompt message is issued to confirm the usage of an invalid certificate.

What about native Outsystems 10 applications? I have an application that i am trying to run rest calls directrly from javascript. I am able to do it via Browser and Outsystems now (the message is issued). However i am not able to do it when using the native application. No error is issued when i try via native application. It simply does nothing.


Can you help?


Thank you,


Vasco Mendes

Why not using a trusted certificate?

There are even free options nowadays, with trusted CAs...