I have an react native expo app I’m developing locally and it’s running on a Pixel 8 android emulator. When sending http requests to the backend, I get, “TypeError: Network request failed”. When I look at the logs for the traefik proxy that’s running from my docker compose file, I see an error saying, “http: TLS handshake error from 172.22.0.1:40280: remote error: tls: unknown certificate”.

What I’ve already tried:

• I’ve double checked to make sure the host being for the api requests is correct (10.0.2.2)
• I’m using a self signed certificate for the traefik proxy, and the CA pem file has been added to the list of trusted authorities in the android settings

Here are my config files which might be relevant to tracking down the problem:

# app.json
{
  "expo": {
    "jsEngine": "hermes",
    "name": "myapp",
    "slug": "mobileapp",
    "version": "1.0.0",
    "orientation": "portrait",
    "icon": "./assets/icon.png",
    "splash": {
      "image": "./assets/splash.png",
      "resizeMode": "contain"
    },
    "updates": {
      "fallbackToCacheTimeout": 0
    },
    "assetBundlePatterns": [
      "**/*"
    ],
    "ios": {
      "jsEngine": "hermes",
      "supportsTablet": true,
      "bundleIdentifier": "com.myapp.mobileapp"
    },
    "userInterfaceStyle": "automatic",
    "android": {
      "jsEngine": "hermes",
      "adaptiveIcon": {
        "foregroundImage": "./assets/adaptive-icon.png",
        "backgroundColor": "#4149b0"
      },
      "softwareKeyboardLayoutMode": "pan",
      "package": "com.myapp.mobileapp"
    },
    "web": {
      "favicon": "./assets/favicon.png",
      "bundler": "metro"
    },
    "plugins": [
      [
        "expo-font",
        {
          "fonts": [
            "./assets/fonts/SourceSans3Bold.ttf",
            "./assets/fonts/SourceSans3SemiBold.ttf",
            "./assets/fonts/SourceSans3Medium.ttf",
            "./assets/fonts/SourceSans3Regular.ttf"
          ]
        }
      ],
      [
        "expo-secure-store",
        {
          "faceIDPermission": "Allow $(PRODUCT_NAME) to access your Face ID biometric data.",
          "touchIDPermission": "Allow $(PRODUCT_NAME) to access your Touch ID biometric data."
        }
      ],
      [
        "./withAndroidPlaid.js"
      ]
    ]
  }
}

# docker-compose.yml

...
  proxy:
    image: traefik:v2.10
    command:
      - "--api.insecure=true"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--entryPoints.websecure.forwardedHeaders.insecure"
      # ^^ needed so that we can check ip address of the ory webhook response in the django middleware
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.file.directory=/traefik"
      - "--providers.file.watch=true"
      - "--log.level=DEBUG"
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - ./front/certs:/etc/ssl/certs
      - ./traefik:/traefik
      - /var/run/docker.sock:/var/run/docker.sock
...

# traefik.config
tls:
  certificates:
    - certFile: /etc/ssl/certs/localhost.crt
      keyFile: /etc/ssl/certs/localhost.key