Open ilanco opened 2 weeks ago
Hi @jpmens , thanks for responding
I'm using a certificate from Let's Encrypt, so it should be trusted by the Android trust store. I can connect to the same URI using curl or chrome.
Do I see a TLS v1 connection attempt there? Our Changelog says:
TLSv1 and TLSv1.1 are deprecated. Supported TLS versions are 1.2 and 1.3.
I think it's a v1 request with a v1.3 response.
Without seeing both the app log and status message, it's going to be hard to figure out what's going on here.
@ilanco are you able to send both, unobfuscated please, to support@owntracks.org
so that @growse can take a look?
If you also want to email us your endpoint, I can try and recreate the connection here.
I've sent both the app log and status message and the endpoint to support@owntracks.org
. Thanks!
Thanks - I seem to be able to send messages from my test device to your endpoint. I see you're using HTTP auth, are you including those credentials in the URL itself, or setting them with the credentials part on the connection screen?
Hi Growse, thank you for testing the endpoint from your side. I believe I set the credentials in the dedicated settings. However, I tested without HTTP auth as well and could not connect using https, only http.
Did you use the beta version installed from Google Play or from the GitHub releases?
Hi guys, I've performed another test using owntracks-release-oss-420500002.apk loaded from the GitHub releases page. Using this version I was able to connect using https.
Ok, that's weird.
Could you confirm that the oss APK (from the GH release) works, but the gms one doesn't?
The beta version did not allow me to connect to a HTTP endpoint using https. However, pointing the app to the same domain using http worked without issues. The logs were unhelpful, even in debug mode. There was no indication that a connection was being established. Apologies for not pasting them here, I've already uninstalled the beta version.
I downgraded to version 2.4.12 (OSS) and both http and https endpoints are working properly.
I believe there is an issue with the beta version preventing the SSL handshake to succeed.
Wireshark capture from a failed connection attempt:
And below is a successful attempt with version 2.4.12:
Thanks, Ilan