SSL issue when trying to communicate with Python webserver on Raspberry PI by using a Progressive Web App

Question

I'm trying to create a measurement device which can be controlled with a smart phone.

My situation

• The places where I'm using the device don't have any internet connection available.
• The measurement device uses a Raspberry PI, which creates a local WiFi network to communicate with the smart phone.
• There is a Python webserver running on the RPI.
• The smart phone has a PWA installed to send commands to the RPI's webserver.
• The PWA is hosted on GitHub Pages (uses HTTPS by default).
• After installation the PWA is supposed to work without an internet connection (just uses the RPI WiFi).

My goal is to successfully send requests to the Python webserver on the RPI by using the PWA on my smart phone.

My issue

When fetching the Python webserver within the PWA, I receive a Mixed Content error because the PWA is hosted on HTTPS (and also requires HTTPS) but the Python server is not.
When I tried using a self signed certificate created with OpenSSL, I receive a ERR_CERT_AUTHORITY_INVALID error.
I tried to use Let's Encrypt, but CertBot requires an actual domain. I only have an IP adress, which is the RPI's IP within its own WiFi network.

What should I do?

Answer 1

I fixed my issue by registering a free .tk domain pointing to 127.0.0.1 (localhost) and using Certbot from Let's Encrypt to create a SSL Certificate.
To validate the domain with Certbot I've used the TXT record validation.
In order to make use of the domain without an internet connection I've added a DNS record with the same .tk domain pointing to localhost inside the dnsmasq config file of the RPI.
My python webserver then uses the cert file to establish serving over HTTPS so the SPA on my mobile device won't throw an error when requesting data.