Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Android 9 SSL Bug #82

Open
devmau5 opened this issue Mar 15, 2020 · 3 comments
Open

Android 9 SSL Bug #82

devmau5 opened this issue Mar 15, 2020 · 3 comments

Comments

@devmau5
Copy link

devmau5 commented Mar 15, 2020

I currently run the app on two devices: a phone (Galaxy S9) and a tablet. The tablet has no issues connecting to my mosquitto broker. However my phone does not seem to connect no matter what I do, despite both having identical settings, except for the client certificates of course. I keep getting this error in the mosquitto logs:

OpenSSL Error: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown
OpenSSL Error: error:140940E5:SSL routines:ssl3_read_bytes:ssl handshake failure
Socket error on client <unknown>, disconnecting.

I have tested the certificate itself with mosquitto_pub/sub and it seems to be working, but once I copy it to the app the status area says reconnecting and the above keeps showing up in the logs every minute or so.
@deepessh
Copy link
Owner

Thanks for raising the issue. I’ll look into it.

@MrMiracles
Copy link

Have the some problem.
Weird thing is, any configuration changes after the first one are not picked up. I tried for example the websocket version (which runs on port 8833) but according to the Mosquitto log it keep trying to connect to port 8883. Which is weird if you ask me, and might help you figuring out this problem...

  • Tried deleting the broker and at a new one, still keeps connecting on 8883
  • Tried to disable the broker, still keeps trying to connect

btw:

  • The app shows at the top that it's trying to connect to port 8833, mosquitto tells me otherwise.
  • Owntracks works fine on the same phone with the same certificates and credentials.
1585141101: New connection from xx.xxx.xxx.xxx on port 8883.
1585141101: OpenSSL Error[0]: error:14035416:SSL routines:ACCEPT_SR_CERT:sslv3 alert certificate unknown
1585141101: OpenSSL Error[1]: error:140350E5:SSL routines:ACCEPT_SR_CERT:ssl handshake failure
1585141101: Socket error on client <unknown>, disconnecting.

@devmau5
Copy link
Author

devmau5 commented Apr 11, 2020

@dc297 some additional notes on this issue:

  • After seeing @MrMiracles comment I tried clearing all app data. Even after re-adding the configuration it was still unable to connect.
  • Even after the broker configuration is set to disabled the app seems to still be trying to connect, though it seems to be retrying with an exponential backoff compared to the ~10 second delay when the broker is enabled.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@deepessh @devmau5 @MrMiracles