Untrusted Certificate at Account Setup



  • Hi guys!

    I'm reconfiguring DavDroid to sync with my ownCloud 9.1 Server. I have a SSL-Certificate issued by CA Cert. It also shows correctly if I open the https server URL in the phones browser. But when I setup my server in DAVdroid, I get a random untrusted certificate showing up. I'm shocked and concerned about the saftey with DAVdroid. I uninstalled DAVdroid and reinstalled the latest version from F-Droid. Same problem.

    Please let me know where this certificate comes from.

    0_1485880510790_photo_2017-01-31_17-34-30.jpg

    This is my certificate...
    0_1485880561885_photo_2017-01-31_17-34-44.jpg


  • developer

    Your server certificate is not trustworthy by default. As far as I know, CAcert is not in default trust stores. You can probably check at https://www.ssllabs.com/ssltest/ Maybe you have accepted the certificate in your browser some time ago?

    This doesn't seem to be a DAVdroid problem (because DAVdroid is not related to managing system certificates), so I suggest to either add CAcert to your system certificates, or just verify and accept the certificate in DAVdroid, or use another CA which is trusted by the default Android system (like letsencrypt).



  • Yes, but why does it show me then this certificate? Can I trust it?


  • developer

    @jeronemo said in Untrusted Certificate at Account Setup:

    Yes, but why does it show me then this certificate? Can I trust it?

    Because it cannot be trusted automatically. You have to verify it to know whether you can trust it. Please ask your admin (or whoever has used CAcert for your server) for more information.


Log in to reply
 

Looks like your connection to Bitfire App Forums was lost, please wait while we try to reconnect.