Poor connection error description (#205)
Artur Hefczyc opened 8 years ago
Due Date
2016-10-30

Currently I cannot connect to my account on jabber.org. All I get is "connection error". It does not say anything else.

From my notification bar, I can see that there is some sort of certificate problem with jabber.org. But the client does not show any option for accepting certificate or any other explanation what is wrong and how to correct it.

Cb Tester commented 8 years ago

In version: "3.0.0 RC6"

By commenting line 220 in app.src.main.java.org.tigase.messenger.phone.pre.service.service.SecureTrustManager you can use the app, currently this is the only way I got it working but sometimes errors come up, not sure if this is because of the certificate or another reason.

Daniel Wisnewski commented 8 years ago

Same issue is found trying to connect to sure.im XMPP service. Multiple accounts and different networks (tigase.im, sure.im, my own servers) yield the same issue: "Connection Error" is displayed on step 1 in connection. This could be a particular problem with new users to XMPP.

Cb Tester commented 8 years ago

I've found that adding a ca root certificate solves the connection error problem, it seems tigase messenger does not use the default ca certificates in android.

I've added a modified version of the following code to app\src\main\java\org\tigase\messenger\phone\pro\service\SecureTrustManagerFactory.java in the init function, and referenced to the downloaded ca certificate of the ca my xmpp server bought is't certificate from.

// Load CAs from an InputStream

// (could be from a resource or ByteArrayInputStream or ...)

CertificateFactory cf = CertificateFactory.getInstance("X.509");

// From https://www.washington.edu/itconnect/security/ca/load-der.crt

InputStream caInput = new BufferedInputStream(new FileInputStream("load-der.crt"));

Certificate ca;

try {

ca = cf.generateCertificate(caInput);

System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());

} finally {

caInput.close();

}

// Create a KeyStore containing our trusted CAs

String keyStoreType = KeyStore.getDefaultType();

KeyStore keyStore = KeyStore.getInstance(keyStoreType);

keyStore.load(null, null);

keyStore.setCertificateEntry("ca", ca);

source: https://developer.android.com/training/articles/security-ssl.html#SelfSigned

issue 1 of 1
Type
Bug
Priority
Blocker
Assignee
RedmineID
4560
Version
3.+.+
Issue Votes (0)
Watchers (0)
Reference
tigase/_clients/stork#205
Please wait...
Page is in error, reload to recover