Allow ignoring certificate errors when using an untrusted self-signed certificate for https communication with the AspCore backend.

We can ignore all cert errors or only cert errors from specific domain names configured in electron.manifest.json

Author: javierlarota

ElectronNET.Host/main.js

@@ -54,7 +54,7 @@ if (manifestJsonFile.singleInstance || manifestJsonFile.aspCoreBackendPort) {
         args.forEach(parameter => {
             const words = parameter.split('=');
 
-            if(words.length > 1) {
+            if (words.length > 1) {
                 app.commandLine.appendSwitch(words[0].replace('--', ''), words[1]);
             } else {
                 app.commandLine.appendSwitch(words[0].replace('--', ''));
@@ -75,6 +75,29 @@ if (manifestJsonFile.singleInstance || manifestJsonFile.aspCoreBackendPort) {
     }
 }
 
+// Bypass all SSL/TLS certificate errors. -- Less secure.
+if (manifestJsonFile.ignoreAllCertificateErrors) {
+    console.log('All SSL/TLS Certificate errors will be ignored.');
+    app.commandLine.appendSwitch('ignore-certificate-errors');
+}
+
+// Bypass SSL/TLS certificate errors only for the domain names specified in the electron.manifest.json file.
+if (manifestJsonFile.hasOwnProperty('domainNamesToIgnoreCertificateErrors')) {
+    if (manifestJsonFile.domainNamesToIgnoreCertificateErrors.length > 0) {
+        manifestJsonFile.domainNamesToIgnoreCertificateErrors.forEach(function (site) {
+            console.log('SSL/TLS certificate errors will be ignored for ' + site);
+        });
+
+        app.on('certificate-error', (event, webContents, url, error, certificate, callback) => {
+            if (shouldIgnoreCertificateForUrl(url)) {
+                console.log('SSL/TLS certificate error ignored for URL: ' + url);
+                event.preventDefault()
+                callback(true)
+            }
+        })
+    }
+}
+
 app.on('ready', () => {
 
     // Fix ERR_UNKNOWN_URL_SCHEME using file protocol
@@ -333,3 +356,15 @@ function getEnvironmentParameter() {
 
     return '';
 }
+
+function shouldIgnoreCertificateForUrl(url) {
+    if (manifestJsonFile.hasOwnProperty('domainNamesToIgnoreCertificateErrors')) {
+        // Removing the scheme from the url so it will cover https and wss://
+        const urlWithoutScheme = url.replace(/(^\w+:|^)\/\//, '');
+        const sites = manifestJsonFile.domainNamesToIgnoreCertificateErrors.filter((oneSite) => urlWithoutScheme.startsWith(oneSite));
+
+        return sites.length > 0;
+    }
+
+    return false;
+}