vrtmrz / obsidian-livesync

MIT License

Android could not connect to https://*****.com/databaseName #37

Open Porco24 opened 2 years ago

Porco24 commented 2 years ago

It works on PC and iPad, but when I use Android it could not connect to my server. And I can open this URL in a browser, but I can't use this URL in Obsidian.

vrtmrz commented 2 years ago

Thank you for using this plugin! What certificate are you using? Let's Encrypt? And perhaps, do you serve CouchDB on a non-standard port? I'll try it later. But could you try serving on a standard port?

Porco24 commented 2 years ago

I use the 'Sectigo RSA Domain Validation Secure Server CA' certificate, and I didn't encrypt. Yes, I use a non-standard port, and I will try a standard port later.

Porco24 commented 2 years ago

By the way, I use port 6895 for ssh. I don't know if that means a standard port, or do you mean I should use a port like 80?

vrtmrz commented 2 years ago

CouchDB uses a standard web port, so it's 443 (HTTPS). If you're serving some websites, you have to set up the reverse proxy.

FracturedCode commented 2 years ago

Hi, I have the same error. AFAIK everything is configured correctly. It works on my PC, but not android. I am using oneplus 8 (android 11). I am using the normal https port (443) and lets encrypt. My server is behind nginx. I'd love to check the console to see the specifics of the error but idk how to do that on android. This is specific to android. @Porco24 has the same issue; it works on PC but not android.

FracturedCode commented 2 years ago

I have found the issue. This is a result of the Access-Control-Allow-Origin header. On other devices the origin is app://obsidian.md. On android the origin is http://localhost. When I change the header to http://localhost, my android device can now connect, but my PC cannot. Conversely, setting the header to app://obsidian.md causes android connection to fail.

The request will not accept wildcards, so the temporary solution might be to create a separate subdomain in the reverse proxy with a different header. Maybe it is also possible to detect the device type and send a device-specific header.

Edit: In nginx you can add this: `add_header 'Access-Control-Allow-Origin' '$http_origin' always;`, which will reflect back whatever origin the client gave you. I'm not super well versed in CORS, but I think this kind of defeats the purpose; it is less secure.
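An allowlist alternative to reflecting `$http_origin`, as an added example that is not part of the comment above or of the project's documentation. The server name, certificate paths and upstream address are placeholders; the three origins are the ones in the local.ini posted later in this thread.

```nginx
# Weak (the line from the comment above): every Origin is echoed back, so
# any page the user opens is accepted as an allowed origin.
#   add_header 'Access-Control-Allow-Origin' '$http_origin' always;

# Corrected: echo the Origin only when it is on an allowlist.
# The map block belongs in the http {} context.
map $http_origin $cors_allow_origin {
    default                  "";            # unknown origin: no CORS header
    "app://obsidian.md"      $http_origin;
    "capacitor://localhost"  $http_origin;
    "http://localhost"       $http_origin;  # origin seen on Android in this thread
}

server {
    listen 443 ssl;
    server_name couchdb.example.com;                    # placeholder
    ssl_certificate     /etc/nginx/tls/fullchain.pem;   # placeholder path
    ssl_certificate_key /etc/nginx/tls/privkey.pem;     # placeholder path

    location / {
        proxy_pass http://127.0.0.1:5984;               # assumed CouchDB address
        proxy_set_header Host $host;

        # Drop any Access-Control-Allow-Origin set upstream so the client
        # never sees two copies of the header.
        proxy_hide_header Access-Control-Allow-Origin;

        # nginx omits a header whose value is empty, so origins outside
        # the map get no Access-Control-Allow-Origin at all.
        add_header Access-Control-Allow-Origin $cors_allow_origin always;
        # The response now depends on the request's Origin; tell caches.
        add_header Vary Origin always;
    }
}
```

This fragment only covers `Access-Control-Allow-Origin`; the remaining CORS response headers (credentials, methods, headers) still have to come from CouchDB's `[cors]` section or from further proxy rules.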

Porco24 commented 2 years ago

@FracturedCode That is very cool work. I'm using a OnePlus 6. Actually, I only started learning web a few days ago. I think maybe it should be corrected in the plugin code, rather than using another way to fix it?

vrtmrz commented 2 years ago

Sorry for being late! CouchDB sends back the requesting host in Access-Control-Allow-Origin automatically if CouchDB's CORS setting is configured correctly. (Even if you set * in CouchDB's configuration, the explicit host will be in the response.)

Did you set or modify these headers in reverse proxy? Could you please leave them as is and set CouchDB's CORS setting?

And we can set multiple and custom-scheme origins in CouchDB from local.ini.

Otherwise, we have to use * to the CORS setting.

Porco24 commented 2 years ago

@vrtmrz

```ini
[couchdb]
single_node=true

[chttpd]
require_valid_user = true

[chttpd_auth]
require_valid_user = true
authentication_redirect = /_utils/session.html

[httpd]
WWW-Authenticate = Basic realm="couchdb"
enable_cors = true

[cors]
origins = app://obsidian.md,capacitor://localhost,http://localhost
credentials = true
headers = accept, authorization, content-type, origin, referer
methods = GET, PUT, POST, HEAD, DELETE
max_age = 3600

[ssl]
port = 6984
enable = true
cert_file = /opt/bitnami/couchdb/etc/server.crt
key_file = /opt/bitnami/couchdb/etc/server.key
```

This is my local.ini, I didn't change it

FracturedCode commented 2 years ago

I think I see what happened on my end. I probably set up CouchDB, which doesn't have CORS on by default, and on my PC saw that it wasn't connecting because of CORS. Then my solution was to add the header in the proxy, not knowing about the settings in CouchDB. If @Porco24 is still having issues after messing around with their CORS settings, then maybe our issues are not as similar as I thought, even if we had the same error message.

@Porco24 you can see the exact error from electron by USB debugging. Enable USB debugging in your phone's developer options. Then see these instructions. If you go to the "Console" tab it should show you a more detailed error message when you try to connect to couchdb. Hope this helps.

Porco24 commented 2 years ago

@FracturedCode OK, thanks, I will try to get the error log later.

Porco24 commented 2 years ago

@FracturedCode @vrtmrz Unfortunately, I didn't find any error about the connection to CouchDB. It just happens, and I have no idea about that. I will continue trying things to find what is wrong.

Porco24 commented 2 years ago

btw, I'm not using a reverse proxy, I just use DDNS on my server and open a port.

vrtmrz commented 2 years ago

@Porco24 Thanks for the logs. I checked the behavior of using a custom port and the Let's Encrypt SSL certificate and I found it was OK. So then, may I see the right pane of DevTools? (When you select one of the lines, the details are shown beside it.)

Porco24 commented 2 years ago

@vrtmrz I tried the headers; it just fails to send to my server, and I found that my CouchDB's log has an error, so it's my SSL problem (I use NameCheap SSL). But it only happens in my Android phone app and works in my mobile browser, which is weird. Anyway, I'm trying to find what is wrong.

Porco24 commented 2 years ago

I used logcat and found this error log. I will try to use Let's Encrypt SSL.

```
01-27 11:44:00.566 E/chromium(30674): [ERROR:ssl_client_socket_impl.cc(980)] handshake failed; returned -1, SSL error code 1, net_error -202
```

uzqw commented 2 years ago

I have the same problem: the same configuration works on PC, but does not work on Android.

Porco24 commented 2 years ago

@uzqw Are you using NameCheap SSL? I tried using localhost to test my CouchDB config and it works. I think NameCheap SSL has something wrong.

uzqw commented 2 years ago

@Porco24 No, just http. Have you succeeded in syncing on an Android phone?

Porco24 commented 2 years ago

@uzqw Yes. When I use localhost to test my server it works, but when I use my SSL it does not work, and mobile sync must use https.

vrtmrz commented 2 years ago

@Porco24 Thank you again!

> I used logcat and found this error log. I will try to use Let's Encrypt SSL. `01-27 11:44:00.566 E/chromium(30674): [ERROR:ssl_client_socket_impl.cc(980)] handshake failed; returned -1, SSL error code 1, net_error -202`

I saw this message when I tested the self-signed certificate with the local cert store (#12). Are you using the local cert store?

@uzqw HTTP is not available on mobile devices. Please try ngrok or localhost.run

uzqw commented 2 years ago

@Porco24 @vrtmrz Thank you guys for kindly reminding me. I am going to try it.

uzqw commented 2 years ago

@Porco24 @vrtmrz With Let's Encrypt SSL and the Nginx reverse proxy function, I am now able to sync successfully on Android. I'd like to express my appreciation for your attention.

Porco24 commented 2 years ago

@vrtmrz No, I didn't use a self-signed certificate. I bought the certificate on NameCheap, and I'm not sure what "local cert" means. I just downloaded the crt and key files, sent them to my server, and had CouchDB read them. The cert works well on my gitlab and emby, so now I'm not sure what is happening with Obsidian. Maybe I should switch to another Android phone to test it. And a few days ago, I found some reports about NameCheap SSL working wrongly with CouchDB, so I think maybe it's a NameCheap cert problem.

Porco24 commented 2 years ago

@vrtmrz If it's a problem with the local cert or a self-signed certificate, I think it would happen on iOS mobile too, but it works well on iOS.

Porco24 commented 2 years ago

@uzqw Thanks bro, I will test Encrypt SSL later.

pcsquirrel commented 2 years ago

I have pretty much the same problem. I have set up CouchDB through traefik with a self-signed certificate. The root CA is installed on all devices. Windows PC and iOS are working fine, but on Android I get the same error as here:

> @vrtmrz I tried the headers; it just fails to send to my server, and I found that my CouchDB's log has an error, so it's my SSL problem (I use NameCheap SSL). But it only happens in my Android phone app and works in my mobile browser, which is weird. Anyway, I'm trying to find what is wrong.

The requests made by Obsidian on Android are the same as in the screenshots attached to that comment.

But I do not get the logcat messages like mentioned above.

I also tried the CouchDB/Caddy setup from https://github.com/vrtmrz/self-hosted-livesync-server with the same result. The local.ini is like the one mentioned above.

Thanks Philipp

Porco24 commented 2 years ago

@pcsquirrel Hi, I think the problem is because of NameCheap SSL. I don't know what SSL you used, but maybe you can try another SSL.

pcsquirrel commented 2 years ago

@Porco24 Hi, as I have written, I do not use NameCheap SSL. I use the self-signed certificate created by Caddy (used this setup: https://github.com/vrtmrz/self-hosted-livesync-server) and created one with mkcert (https://github.com/FiloSottile/mkcert) and used it with traefik in front of CouchDB. For both, the root CA certificate is installed on all devices (Win/iOS/Android), and all except Android are working fine in both configurations.

vrtmrz commented 2 years ago

Thank you for your help while I was absent!

A manually installed root CA will not be trusted by Obsidian on both Android and iOS devices, even if browsers trust it. So using Let's Encrypt is recommended. Probably mkcert's one also could not be trusted. If you want to connect to local internal servers, I recommend using a wildcard certificate from Let's Encrypt, and hosting a DNS server to assign the subdomain to the internal address.

pcsquirrel commented 2 years ago

OK, thanks. I didn't know that Obsidian on Android does not trust 3rd-party root certificates, especially as it is working on iOS, which is a stricter platform than Android is. I will try it with Let's Encrypt.

So then a hint at https://github.com/vrtmrz/self-hosted-livesync-server, that the solution with Caddy's certificate is not working on Android, would be useful.

pcsquirrel commented 2 years ago

I have set up a Let's Encrypt certificate. Now it is also working on Android. While doing my testing I discovered one more fact. I tried the mkcert certificate also on an iOS 12 device (with Root CA), which did not work. Summarized: self-signed certificates are working on Windows 10 and iOS 15 but do not work on Android 12 and iOS 12.

GoulartNogueira commented 9 months ago

I'm considering migrating to obsidian-livesync (with Android) and I'm worried I could have the same issues.

  1. Is this issue fixed yet?
  2. Is this a common problem?

How stable is this project, in general?

Porco24 commented 9 months ago

Hi GoulartNogueira, I haven't used Android devices later on; instead, I switched to iOS, so I can't provide an accurate answer. Regarding this issue, it only occurred when I was using NameCheap's SSL. Additionally, concerning iOS devices, I consistently encountered app crashes after using plugins. Therefore, it is not particularly stable on the iOS mobile platform, but it has been stable on the PC side.