No connection between Nextcloud & Davdroid
tescher last edited by rfc2822
Setup: NC 11.0.2 / DavDroid 1.4.1
CardDav on iOS is working / Android with DavDroid not …
Maybe someone can help me.
Thanks a lot
Caused by: javax.net.ssl.SSLProtocolException: SSL handshake terminated: ssl=0x7430a21800: Failure in SSL library, usually a protocol error error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE (external/boringssl/src/ssl/s3_pkt.c:641 0x744c571d80:0x00000001) error:1000009a:SSL routines:OPENSSL_internal:HANDSHAKE_FAILURE_ON_CLIENT_HELLO (external/boringssl/src/ssl/s3_clnt.c:800 0x744c7702db:0x00000000) at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method) at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:364) ... 36 more
There’s a TLS problem. Did you make sure your server TLS settings are correct and compatible with your Android version?
tescher last edited by
I’m using NGINX 1.10.11.
Here is my ssl-setup. I know it seems not to be an DavDroid-Problem, but I would appreciate if you or another one have a hint to solve this problem.
Does it work with default TLS settings?
tescher last edited by
I’m not so experienced, but this setup works on iOS. If you have an line to edit I can test it …
tescher last edited by tescher
@rfc2822 Just an update … Testing with an “Android 6 Device” it’s working, and testing with “CardDav Sync free” it’s also working … so it should be the issue with DavDroid & Android 7 - acutally I’m using the latest Version of DavDroid (126.96.36.199).
Thank you for your support.
jgjorgji last edited by
So the issue indeed seems to be with Android 7 in some way, depending on how you configured your server, I’ll just copy a github comment i accidentally made to the wrong place.
I can confirm that the f-droid version was affected, the offending nginx config is this:
other relevant ssl config lines:
So with that option commented out it’s working fine, I’m on 188.8.131.52-ose from f-droid and android 7.
Apparently Android 7 supports only up to secp256r1, this was supposedly fixed in 7.1.1.
Aside that, a bit of a rant, why are gitlab issues not enabled and instead this forum is used as a bug report tool? I have to create yet another account and wade through 5 google captchas just to write this.