search

nextcloud / notes-android

✎ Android client for Nextcloud Notes app.
https://play.google.com/store/apps/details?id=it.niedermann.owncloud.notes
GNU General Public License v3.0
921 stars 134 forks source link

Can't connect to my server #226

Closed zen0x90 closed 7 years ago

zen0x90 commented 7 years ago

Hi,

Android version: 5.1

Device: Fairphone 2

System language: English (US)

App version: v0.11.0

App source: F-Droid

Steps to reproduce:

  1. open the app
  2. enter your server settings
  3. enter your login/password
  4. click connect

Description: I've just installed Notes and I'm using nextcloud server. I can't connect to it "Invalid login: Server connection is broken". My password is fine also, I can sync with multiple applications and I can connect to my server without any problem.

zen0x90 commented 7 years ago

Notes:

stefan-niedermann commented 7 years ago

can you please provide a test account and send the credentials to my email adress so i can reproduce the problem?

zen0x90 commented 7 years ago

Yes done. I just sent to you the email with the details

zen0x90 commented 7 years ago

@stefan-niedermann did you receive my email ?

stefan-niedermann commented 7 years ago 
javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:328)
at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:103)
at com.android.okhttp.Connection.connect(Connection.java:143)
at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:185)
at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128)
at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:341)
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:330)
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:248)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:433)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:114)
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89)
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java)
at it.niedermann.owncloud.notes.util.NotesClientUtil.isValidLogin(NotesClientUtil.java:67)
at it.niedermann.owncloud.notes.android.activity.SettingsActivity$LoginValidatorAsyncTask.doInBackground(SettingsActivity.java:254)
at it.niedermann.owncloud.notes.android.activity.SettingsActivity$LoginValidatorAsyncTask.doInBackground(SettingsActivity.java:236)
at android.os.AsyncTask$2.call(AsyncTask.java:295)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:234)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
at java.lang.Thread.run(Thread.java:818)
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:318)
at com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(TrustManagerImpl.java:219)
at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:115)
at com.android.org.conscrypt.OpenSSLSocketImpl.verifyCertificateChain(OpenSSLSocketImpl.java:556)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324)
at com.android.okhttp.internal.http.SocketConnector.connectTls(SocketConnector.java:103) 
at com.android.okhttp.Connection.connect(Connection.java:143) 
at com.android.okhttp.Connection.connectAndSetOwner(Connection.java:185) 
at com.android.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:128) 
at com.android.okhttp.internal.http.HttpEngine.nextConnection(HttpEngine.java:341) 
at com.android.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:330) 
at com.android.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:248) 
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:433) 
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:114) 
at com.android.okhttp.internal.huc.DelegatingHttpsURLConnection.connect(DelegatingHttpsURLConnection.java:89) 
at com.android.okhttp.internal.huc.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java) 
at it.niedermann.owncloud.notes.util.NotesClientUtil.isValidLogin(NotesClientUtil.java:67) 
at it.niedermann.owncloud.notes.android.activity.SettingsActivity$LoginValidatorAsyncTask.doInBackground(SettingsActivity.java:254) 
at it.niedermann.owncloud.notes.android.activity.SettingsActivity$LoginValidatorAsyncTask.doInBackground(SettingsActivity.java:236) 
at android.os.AsyncTask$2.call(AsyncTask.java:295) 
at java.util.concurrent.FutureTask.run(FutureTask.java:237) 
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:234) 
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113) 
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588) 
at java.lang.Thread.run(Thread.java:818) 
Caused by: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
stefan-niedermann commented 7 years ago

This SSL-Certificate seems to be not 100% valid. Though Chrome and Firefox do not show any trust problems, a scan reveals problems

grafik

Do you have the option to install a free certificate from Let's Encrypt? If not, please contact your server administrator and depict them the problem.

zen0x90 commented 7 years ago

Well...my certificate is from Let's Encrypt :(

What website scanner are you using ?

zen0x90 commented 7 years ago

I tried with SSLabs from Qualys. I've got a mismatch in name. I fixed it but the problem persist. I think the issue is SNI. It seems android has some difficulties with that.

zen0x90 commented 7 years ago

Thanks for driving me to the right direction @stefan-niedermann . The problem was the certificate. I fixed it by setting intermediate certificate (to be clear its always better to use fullchain.pem).

stefan-niedermann commented 7 years ago

I'm glas to here this :) Sorry, i analysed two different problems yesterday at the same time and i thought your cert was not from Let's Encrypt. But yes, i think the missing intermediate cert caused the problem - i am just wondering why Chrome and Firefox Desktop did not show the problem.... The used Scanner is linked above: https://www.digicert.com/help/

If you have purchased the app via Play Store please feel free to leave a comment if you like the app ;-)

Regards