Closed naturzukunft closed 7 months ago
Hi @naturzukunft ! As I understand, you are building AndStatus yourself?! The related doc https://github.com/andstatus/andstatus/blob/master/doc/DeveloperFAQ.md mentions the step: "Insert your application's private keys to the project: See "OAuthClientKeys.java" file for more information." The location of that file changed, it's here now: https://github.com/andstatus/andstatus/blob/master/app/src/main/kotlin/org/andstatus/app/net/http/OAuthClientKeys.kt
Reading deeper I see that the stacktrace is of the "Verbose" level logging message. This means that you may ignore it as the "OAuthClientKeysSecret" class is NOT required.
Further in the log file we see "URL: https://dev.rdf-pub.org/.well-known/oauth-authorization-server; Caused by javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found." This means that the site was signed by a "Certificate authority" that is not trusted by the client (by Android device...) or some other server misconfiguration (please search for the error message). For the start I would open the URL by a browser and look up certificate info via it. - I did this now and couldn't get any response...
As I understand, you are building AndStatus yourself?!
No, i'm using the app from fdroid i think.
- I did this now and couldn't get any response...
Hm, it's a lets encrypt certificate. I can browse it from my unix notebook.
If i call the url from the same smartphone with firefox i get also a secure connection:
I checked the address https://dev.rdf-pub.org/.well-known/oauth-authorization-server using https://www.sslchecker.com/sslchecker and got on my PC that the certificate is not trusted and I need to install some "chain"/"root" certs:
BTW, what you tested could be actually not secure connection...
@naturzukunft See also related issues: https://github.com/andstatus/andstatus/issues/379 and this one: https://github.com/andstatus/andstatus/issues/208 BTW, AndStatus has "Insecure SSL" option in the "Social network" settings.
And here we also see the certificate's issues: https://www.ssllabs.com/ssltest/analyze.html?d=dev.rdf-pub.org "This server's certificate chain is incomplete."
log.txt