wommel
commented
7 years ago In the play store version the error message is "SSLException in do Request(): Exception-Message: Unacceptable certificate: EMAILADDRESS=support@cacert.org, CN=CA Cert Signing Authoroty, OU=http://www.cacert.org, O=Root CA Exception-Cause: java.security.cert.CertificateException: Unacceptable certificate EMAILADDRESS=support@cacert.org, CN=CA Cert Signing Authoroty, OU=http://www.cacert.org, O=Root CA" and the server logs "ssl3_read_bytes:sslv3 alert certificate unknown".
The CA-Cert root certificate is imported in the system.
None of the settings in the ssl menu in the preferences makes any difference in neither version.
nilsbraden
nning
Since upgrading the system from cm13 (Android 6) to cm14.1 (Android 7.1) the app is unable to connect to my server.
The F-Droid versions error message is: "SSLException in do Request(): Exception-Message: SSL handshake aborted: ssl=0x9927620c0: I/O error during system call, Connection reset by peer No Exception-Cause available"
The server logs: "ssl3_get_client_hello:no shared cipher" and "SSL23_GET_CLIENT_HELLO:unknown protocol" on connection from the app. The server is configured to only accept connections via TLSv1.2 and uses following cipherspec: "kEDH+aRSA+AESGCM:kEECDH+aRSA+AESGCM:!SHA1@STRENGTH".
So the problem seems to be too high security for java based software but as it worked fine before the system upgrade and the website still works in the systems browser I'l still consider it a bug.
For the time beeing I'l probaly lower the servers security a bit but that does not make me happy :(