search

mozilla-services / syncserver

Run-Your-Own Firefox Sync Server
Mozilla Public License 2.0
1.87k stars 145 forks source link

no access #85

Closed Happyfeet01 closed 7 years ago

Happyfeet01 commented 7 years ago

Hello,

I have setup my syncserver on an Ubuntu 16.04 LTS server.

When I access with my browser the domain https://sync.domain.tld there is a it works message. i can sync my firefox Browser at work and home. Only Android won´t work.. Is it not supported? 

02-24 14:35:39.742 I/ActivityManager(1513): START u0 {act=org.mozilla.firefox.ACTION_FXA_GET_STARTED flg=0x10000 cmp=org.mozilla.firefox/org.mozilla.gecko.fxa.activities.FxAccountGetStartedActivityWeb (has extras)} from uid 10142 on display 0
02-24 14:35:39.879 I/ActivityManager(1513): START u0 {act=org.mozilla.firefox.ACTION_FXA_STATUS flg=0x10000 cmp=org.mozilla.firefox/org.mozilla.gecko.fxa.activities.FxAccountStatusActivity} from uid 10142 on display 0
02-24 14:35:39.889 W/ActivityManager(1513): Duplicate finish request for ActivityRecord{294e512 u0 org.mozilla.firefox/org.mozilla.gecko.fxa.activities.FxAccountGetStartedActivityWeb t606 f}
02-24 14:40:50.721 I/FxAccounts(1583): firefox :: FxAccountStatusFragment :: AvatarURI is empty, skipping profile image fetch.
02-24 14:40:51.888 I/FxAccounts(1583): firefox :: FirefoxAccounts :: Requesting sync.
02-24 14:40:51.888 I/FxAccounts(1583): firefox :: FirefoxAccounts :: Sync options -- scheduling now: true
02-24 14:40:51.931 I/FxAccounts(1583): firefox :: FxAccountStatusFragment :: Got sync started message; refreshing.
02-24 14:40:51.933 I/FxAccounts(1583): firefox :: FxAccountStatusFragment :: AvatarURI is empty, skipping profile image fetch.
02-24 14:40:52.021 I/FxAccounts(1583): firefox :: FxAccountSyncAdapter :: Syncing FxAccount account named like XXXX@XXXXXXXXXXX.XXX for authority org.mozilla.firefox.db.browser with instance org.mozilla.gecko.fxa.sync.FxAccountSyncAdapter@4846345.
02-24 14:40:52.025 I/FxAccounts(1583): firefox :: FxAccountSyncAdapter :: Account last synced at: -1
02-24 14:40:52.025 I/FxAccounts(1583): firefox :: FirefoxAccounts :: Sync options -- scheduling now: true
02-24 14:40:52.096 D/GeckoLogger(1583): Thread with tag and thread id acquiring lock: FxAccountSyncAdapter, 33944 ...
02-24 14:40:52.096 D/GeckoLogger(1583): Thread with tag and thread id acquiring lock: FxAccountSyncAdapter, 33944 ... ACQUIRED
02-24 14:40:52.105 I/FxAccounts(1583): firefox :: LoginStateMachineDelegate :: handleFinal: in Married
02-24 14:40:52.106 I/FxAccounts(1583): firefox :: AndroidFxAccount :: Moving account named like XXXX@XXXXXXXXXXX.XXX to state Married
02-24 14:40:52.176 I/FxAccounts(1583): firefox :: FxAccountNotificationManager :: State Married needs no action; cancelling any existing notification.
02-24 14:40:52.177 I/FxAccounts(1583): firefox :: LoginStateMachineDelegate :: handleMarried: in Married
02-24 14:40:55.777 E/FxAccounts(1583): firefox :: FxAccountSyncAdapter :: Failed to get token.
02-24 14:40:55.777 E/FxAccounts(1583): javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
02-24 14:40:55.777 E/FxAccounts(1583):  at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328)
02-24 14:40:55.777 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.conn.ssl.SSLSocketFactory.connectSocket$4028dcbe(SSLSocketFactory.java:535)
02-24 14:40:55.777 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403)
02-24 14:40:55.777 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:174)
02-24 14:40:55.777 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144)
02-24 14:40:55.777 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131)
02-24 14:40:55.777 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
02-24 14:40:55.777 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
02-24 14:40:55.777 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:825)
02-24 14:40:55.777 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
02-24 14:40:55.777 E/FxAccounts(1583):  at org.mozilla.gecko.sync.net.BaseResource.execute(BaseResource.java:308)
02-24 14:40:55.777 E/FxAccounts(1583):  at org.mozilla.gecko.sync.net.BaseResource.retryRequest(BaseResource.java:349)
02-24 14:40:55.777 E/FxAccounts(1583):  at org.mozilla.gecko.sync.net.BaseResource.execute(BaseResource.java:318)
02-24 14:40:55.777 E/FxAccounts(1583):  at org.mozilla.gecko.sync.net.BaseResource.go(BaseResource.java:373)
02-24 14:40:55.777 E/FxAccounts(1583):  at org.mozilla.gecko.sync.net.BaseResource.get(BaseResource.java:379)
02-24 14:40:55.777 E/FxAccounts(1583):  at org.mozilla.gecko.fxa.sync.FxAccountSyncAdapter.syncWithAssertion$1a55e242(FxAccountSyncAdapter.java:371)
02-24 14:40:55.777 E/FxAccounts(1583):  at org.mozilla.gecko.fxa.sync.FxAccountSyncAdapter$3.handleMarried(FxAccountSyncAdapter.java:539)
02-24 14:40:55.777 E/FxAccounts(1583):  at org.mozilla.gecko.fxa.authenticator.FxADefaultLoginStateMachineDelegate.handleFinal(FxADefaultLoginStateMachineDelegate.java:81)
02-24 14:40:55.777 E/FxAccounts(1583):  at org.mozilla.gecko.fxa.login.FxAccountLoginStateMachine.advance(FxAccountLoginStateMachine.java:78)
02-24 14:40:55.777 E/FxAccounts(1583):  at org.mozilla.gecko.fxa.sync.FxAccountSyncAdapter.onPerformSync(FxAccountSyncAdapter.java:489)
02-24 14:40:55.777 E/FxAccounts(1583):  at android.content.AbstractThreadedSyncAdapter$SyncThread.run(AbstractThreadedSyncAdapter.java:272)
02-24 14:40:55.777 E/FxAccounts(1583): Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
02-24 14:40:55.777 E/FxAccounts(1583):  at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:324)
02-24 14:40:55.777 E/FxAccounts(1583):  at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:225)
02-24 14:40:55.777 E/FxAccounts(1583):  at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115)
02-24 14:40:55.777 E/FxAccounts(1583):  at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:556)
02-24 14:40:55.777 E/FxAccounts(1583):  at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
02-24 14:40:55.777 E/FxAccounts(1583):  at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324)
02-24 14:40:55.777 E/FxAccounts(1583):  ... 20 more
02-24 14:40:55.777 E/FxAccounts(1583): Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
02-24 14:40:55.777 E/FxAccounts(1583):  ... 26 more
02-24 14:40:55.815 D/GeckoLogger(1583): Thread with tag and thread id releasing lock: FxAccountSyncAdapter, 33933 ...
02-24 14:40:55.815 D/GeckoLogger(1583): Thread with tag and thread id releasing lock: FxAccountSyncAdapter, 33933 ... RELEASED
02-24 14:40:55.815 W/FxAccounts(1583): firefox :: FxAccountSyncAdapter :: Global session failed.
02-24 14:40:55.817 E/FxAccounts(1583): firefox :: FxAccountSyncAdapter :: Got exception syncing.
02-24 14:40:55.817 E/FxAccounts(1583): javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
02-24 14:40:55.817 E/FxAccounts(1583):  at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328)
02-24 14:40:55.817 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.conn.ssl.SSLSocketFactory.connectSocket$4028dcbe(SSLSocketFactory.java:535)
02-24 14:40:55.817 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403)
02-24 14:40:55.817 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:174)
02-24 14:40:55.817 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144)
02-24 14:40:55.817 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131)
02-24 14:40:55.817 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
02-24 14:40:55.817 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
02-24 14:40:55.817 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:825)
02-24 14:40:55.817 E/FxAccounts(1583):  at ch.boye.httpclientandroidlib.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
02-24 14:40:55.817 E/FxAccounts(1583):  at org.mozilla.gecko.sync.net.BaseResource.execute(BaseResource.java:308)
02-24 14:40:55.817 E/FxAccounts(1583):  at org.mozilla.gecko.sync.net.BaseResource.retryRequest(BaseResource.java:349)
02-24 14:40:55.817 E/FxAccounts(1583):  at org.mozilla.gecko.sync.net.BaseResource.execute(BaseResource.java:318)
02-24 14:40:55.817 E/FxAccounts(1583):  at org.mozilla.gecko.sync.net.BaseResource.go(BaseResource.java:373)
02-24 14:40:55.817 E/FxAccounts(1583):  at org.mozilla.gecko.sync.net.BaseResource.get(BaseResource.java:379)
02-24 14:40:55.817 E/FxAccounts(1583):  at org.mozilla.gecko.fxa.sync.FxAccountSyncAdapter.syncWithAssertion$1a55e242(FxAccountSyncAdapter.java:371)
02-24 14:40:55.817 E/FxAccounts(1583):  at org.mozilla.gecko.fxa.sync.FxAccountSyncAdapter$3.handleMarried(FxAccountSyncAdapter.java:539)
02-24 14:40:55.817 E/FxAccounts(1583):  at org.mozilla.gecko.fxa.authenticator.FxADefaultLoginStateMachineDelegate.handleFinal(FxADefaultLoginStateMachineDelegate.java:81)
02-24 14:40:55.817 E/FxAccounts(1583):  at org.mozilla.gecko.fxa.login.FxAccountLoginStateMachine.advance(FxAccountLoginStateMachine.java:78)
02-24 14:40:55.817 E/FxAccounts(1583):  at org.mozilla.gecko.fxa.sync.FxAccountSyncAdapter.onPerformSync(FxAccountSyncAdapter.java:489)
02-24 14:40:55.817 E/FxAccounts(1583):  at android.content.AbstractThreadedSyncAdapter$SyncThread.run(AbstractThreadedSyncAdapter.java:272)
02-24 14:40:55.817 E/FxAccounts(1583): Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
02-24 14:40:55.817 E/FxAccounts(1583):  at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:324)
02-24 14:40:55.817 E/FxAccounts(1583):  at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:225)
02-24 14:40:55.817 E/FxAccounts(1583):  at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115)
02-24 14:40:55.817 E/FxAccounts(1583):  at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:556)
02-24 14:40:55.817 E/FxAccounts(1583):  at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
02-24 14:40:55.817 E/FxAccounts(1583):  at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324)
02-24 14:40:55.817 E/FxAccounts(1583):  ... 20 more
02-24 14:40:55.817 E/FxAccounts(1583): Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
02-24 14:40:55.817 E/FxAccounts(1583):  ... 26 more
02-24 14:40:55.822 I/FxAccounts(1583): firefox :: LoginStateMachineDelegate :: Fetching profile avatar information.
02-24 14:40:55.822 D/GeckoLogger(1583): Thread with tag and thread id releasing lock: FxAccountSyncAdapter, 33944 ...
02-24 14:40:55.822 D/GeckoLogger(1583): Thread with tag and thread id releasing lock: FxAccountSyncAdapter, 33944 ... NOT LOCKED
02-24 14:40:55.822 I/FxAccounts(1583): firefox :: FxAccountSyncAdapter :: Syncing done.
02-24 14:40:55.848 I/GeckoLogger(1583): firefox :: AndroidFxAccount :: Intent service launched to fetch profile.
02-24 14:40:55.873 I/FxAccounts(1583): firefox :: FxAccountStatusFragment :: Got sync finished message; refreshing.
02-24 14:40:55.875 I/FxAccounts(1583): firefox :: FxAccountStatusFragment :: AvatarURI is empty, skipping profile image fetch.
02-24 14:40:55.876 D/SyncManager(1513): failed sync operation mail@larsmueller.net u0 (org.mozilla.firefox_fxaccount), org.mozilla.firefox.db.browser, SERVER, currentRunTime 112002808, EXPEDITED, reason: 10142, SyncResult: stats [ numIoExceptions: 1 numUpdates: 1]
02-24 14:41:02.283 I/GeckoLogger(1583): firefox :: AndroidFxAccount :: Profile JSON fetch succeeeded!
02-24 14:41:31.810 I/FxAccounts(1583): firefox :: FxAccountSyncAdapter :: Syncing FxAccount account named like XXXX@XXXXXXXXXXX.XXX for authority org.mozilla.firefox.db.browser with instance org.mozilla.gecko.fxa.sync.FxAccountSyncAdapter@4846345.
02-24 14:41:31.814 I/FxAccounts(1583): firefox :: FxAccountSyncAdapter :: Account last synced at: -1
02-24 14:41:31.815 I/FxAccounts(1583): firefox :: FirefoxAccounts :: Sync options -- scheduling now: false
02-24 14:41:31.824 I/FxAccounts(1583): firefox :: FxAccountSyncAdapter :: Not syncing (background): must wait another 3560262ms.
02-24 14:41:48.031 W/InputDispatcher(1513): channel 'dff6da4 org.mozilla.firefox/org.mozilla.gecko.fxa.activities.FxAccountStatusActivity (server)' ~ Consumer closed input channel or an error occurred.  events=0x9
02-24 14:41:48.031 E/InputDispatcher(1513): channel 'dff6da4 org.mozilla.firefox/org.mozilla.gecko.fxa.activities.FxAccountStatusActivity (server)' ~ Channel is unrecoverably broken and will be disposed!
02-24 14:41:48.043 I/WindowState(1513): WIN DEATH: Window{dff6da4 u0 org.mozilla.firefox/org.mozilla.gecko.fxa.activities.FxAccountStatusActivity}
02-24 14:41:48.043 W/InputDispatcher(1513): Attempted to unregister already unregistered input channel 'dff6da4 org.mozilla.firefox/org.mozilla.gecko.fxa.activities.FxAccountStatusActivity (server)'
rfk commented 7 years ago

02-24 14:40:55.817 E/FxAccounts(1583): Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

I recall there being difficulties with using self-signed or otherwise unusual SSL certificates on Android. You might find that using a certificate from Lets Encrypt or some other default-trusted provider, will get things up and running.

MrHappy commented 7 years ago

Would be nice if it was possible to make it work with self-signed certificates... Importing a self-signed cert into Android doesn't make it work, unfortunately...

rfk commented 7 years ago

Would be nice if it was possible to make it work with self-signed certificates..

@rnewman is there a bug (resolved/wontfix or otherwise) for this on the android side of things? IIUC there's not much we an do about it in the server, it's all about Android's support for self-signed certs.

rnewman commented 7 years ago

Bug 756763.

rnewman commented 7 years ago

Note that this usually works for folks if they import the certs into Android's certificate store — visit the page in Chrome or the stock browser and save the cert there. Firefox's own cert store is not used by Sync.

rfk commented 7 years ago

Thanks! Closing this in favour of the above.