I seems bug #312 may not be fixed on Android 8.0 running 1.92.0 from the Play Store. I'm new to ttrss-reader, so I can't confirm previous builds worked.
I'm using a self-signed certificate with a CA that has been imported into Android. Loading the tt-rss url in Chrome works fine and validates. Other apps have no issues validating this certificate. I ensured that my server (using nginx) is using a chain of the CA and the cert.
The only thing I can think of is perhaps the app isn't checking the SAN? My issued certificate has multiple DNS entries, and the URL I'm using is not the common name, but rather is listed as a SAN.
I made the SSL settings as permissive as possible, disabling Google play services provider-installer, enabling accept all SSL certificates, and trusting all hosts. Shouldn't this make the app accept any certificate?
maikbrueggemann
commented
6 years ago
I seems bug #312 may not be fixed on Android 8.0 running 1.92.0 from the Play Store. I'm new to ttrss-reader, so I can't confirm previous builds worked.
I'm using a self-signed certificate with a CA that has been imported into Android. Loading the tt-rss url in Chrome works fine and validates. Other apps have no issues validating this certificate. I ensured that my server (using nginx) is using a chain of the CA and the cert.
The only thing I can think of is perhaps the app isn't checking the SAN? My issued certificate has multiple DNS entries, and the URL I'm using is not the common name, but rather is listed as a SAN.
I made the SSL settings as permissive as possible, disabling Google play services provider-installer, enabling accept all SSL certificates, and trusting all hosts. Shouldn't this make the app accept any certificate?