I am trying to use the CheckCertificate action so that we can show a suitable error to the customer when they need to update the application due to a certificate update.
The documentation (and the code in the old location github.com/OutSystems/cordova-outsystems-sslpinning) say that if the SSL Pinning hash doesn't match it should return error code 1, and for anything else (presumably connectivity errors) it should error code 2.
However when I test an Android app built with a purposefully wrong SSL Pinning config, it is returning error code 2. This means I am unable to reliably tell whether a failure is caused by intermittent network connection or by an SSL Pinning mismatch, so I cannot use this method to ask customers to upgrade.
Is there a known issue with the error detection in the Android version of CheckCertificate?
(I have not yet tried this on an Apple device, it may well have the same issue)
The code looks for errors of type javax.net.ssl.SSLPeerUnverifiedException
The actual error thrown is of type javax.net.ssl.SSLHandshakeException (message "Pin verification failed")