A guide for enabling a Xamarin Forms WebView to browse HTTPS pages served by a self-signed certificate.
On a browser, a self-signed certificate produces an "insecure page" warning that can be skipped. In a Xamarin Forms WebView, certificate verification failure causes two unexpected behaviors:
WebView.Navigating event is not invokedWebView.Navigated event fires but WebNavigatedEventArgs.Result is WebNavigationResult.Success (misleading — the page did not actually load)For debug and development only. Do not allow untrusted certificates in production builds.
Based on: Connecting mobile apps to backends for development with SSL
Add android:networkSecurityConfig to the <application> tag:
<?xml version="1.0" encoding="utf-8"?>
<manifest ...>
...
<application android:label="SelfSignedDemo.Android"
android:networkSecurityConfig="@xml/network_security_config">
</application>
...
</manifest>
Create Resources/xml/network_security_config.xml:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<debug-overrides>
<trust-anchors>
<certificates src="user"/>
</trust-anchors>
</debug-overrides>
</network-security-config>
base.OnCreate(bundle)After applying the above changes the app crashes on the emulator at:
base.OnCreate(bundle);
Workaround: This only occurs on the Android Emulator — the app runs correctly on a physical Android device.