Open bmarty opened 4 years ago
New element app for andoid behave exatly as desribed in vector-im/riot-android#1592 I'd be happy to see prompt asking for trusting new certificate. Also it doesn't check and alarm user if server certificate is expired (mine was for two days), it just let me use my server as if everything was OK.
@bmarty Element v. 1.0.8 not accept self-signed certificate.
you had fixed this in previous versions, and everything was fine, until v1.0.8. I am entering from element-android by HTTP
Same issue. Please fix it.
In case of not trusted SSL certificate, RiotX show a dialog during login steps to let the user trust it if he wants to. But if certificate change server side after the login, RiotX will get stucked.
There are already some TODOs in the code to handle properly this use case.
To test: login to a homeserver with a trusted certificate (such as matrix.org for instance). Then set https://github.com/vector-im/riotX-android/blob/b8b79de91c62d8748a319d1621067a1f930d369a/matrix-sdk-android/src/main/java/im/vector/matrix/android/internal/network/ssl/PinnedTrustManagerProvider.kt#L25 to false and deploy again the app.
FTR: issue (fixed) on Riot-Android: https://github.com/vector-im/riot-android/issues/1592