CLEARTEXT communication not permitted

When trying to build a WebSocket connection without SSL on Android we might encounter this guy:

 Connection error: java.net.UnknownServiceException: CLEARTEXT communication to 127.0.0.1 not permitted by network security policy

If it is a development environment and you want to test things, obtaining proper SSL certificate could take time. Therefore, possible solutions are:

  • Adjust app manifest and allow cleartext communications
  • Use self-signed certificates on server, don’t forget to make client trust your cert

1. Adjust app manifest and allow cleartext communications

This is simpler option, so let’s start with it. You need to open AndroidManifest.xml and add android:usesCleartextTraffic flag with value true:

 <application
        ...
        android:theme="..."
        android:usesCleartextTraffic="true">

2. Use self-signed certificates on server

The thing is that clients need to have the custom configuration and trust such certificates. The difficulty of such configuration vary from one framework to another.

For example, it’s not so easy to implement on Kotlin Multiplatform. If you’re on this platform, I encourage you to read 👉 this small article, where you can find an explanation how http client works in Kotlin Multiplatform / Ktor app.

So the thing is that in Kotlin Multiplatform we don’t have ability to configure SSL in the shared code (since it’s common to have only interfaces for http client there), so we will need to write a custom SSL configuration for each platform/engine. If you want to go this way, here is a good article to guide you.


Be mindful

Always keep in mind, that you should NOT do this in production. This should be used only to save your time during development.


Telegram channel

If you still have any questions, feel free to ask me in the comments under this article or write me at promark33@gmail.com.

If I saved your day, you can support me 🤝