Closed sowaco closed 4 months ago
hello, thanks for the detailed description. It's not possible to connect with self signed certificates, it's an Android limitation. The old Power Ampache uses an old Android SDK, that still allows that. Now every custom certificate must be explicitely added to app codebase: https://developer.android.com/privacy-and-security/security-config#TrustingAdditionalCas
Hi, I'm not an android developer, so, following can be absolute nonsense, but somebody told me, that this can be done with:
<base-config ...>
<trust-anchors>
<certificates src="system" />
<certificates src="user" />
</trust-anchors>
</base-config>
See
About approval of app trusting User Store with private CA for production use
Network security configuration#trust-anchors
Network security configuration (Search for "users")
Regards
Typically, I've never permitted self-signed certificates in my applications, so delving into this configuration is new to me, but the process seems straightforward based on the documentation. I've noticed multiple mentions of importing the certificate directly into the app, which obviously I can't do for everyone: Anyway, I suppose it's worth giving it a try, I attached a version of the app where user certificates are enabled in the config, but no certificate is provided. Let me know if it works please, if it does, the fix will be in the next release. APK LINK: https://github.com/icefields/Power-Ampache-2/raw/v1.00-59/app/FDroid/release/app-FDroid-1.00-59.apk
Success!
I can confirm, that it is working now with the apk "../.app-FDroid-1.00-59.apk".
Thanks a lot.
(Of course, i struggled also with issue #117, I solved this with a switch to an user name with lowercase chars and an api password)
Success!
I can confirm, that it is working now with the apk "../.app-FDroid-1.00-59.apk".
Thanks a lot.
Perfect! I will have this fix in the next release. I think I will release this evening on Github, while FDroid it will take 3-6 days.
(Of course, i struggled also with issue #117, I solved this with a switch to an user name with lowercase chars and an api password)
For that one you'll have to wait for the next Nextcloud Music update. As soon as you update, uppercase names should start working right away.
If you use FDroid, it will probably take 3 to 6 days to get the update. If you're using Github releases you're good until v1.00-60
.
I'm closing this issue. Thanks again for the report!
It seems, that Power Ampache 2 doesn't validate certificates against root certificates installed in the USER root certificate storage.
So, it is not possible to connect to internal/local servers with an own certificate authority.
Tested:
System:
Log:
Thanks for your work !