No connection between Nextcloud & Davdroid

  • Setup: NC 11.0.2 / DavDroid 1.4.1
    CardDav on iOS is working / Android with DavDroid not ...


    Maybe someone can help me.
    Thanks a lot

  • developer

    	Caused by: SSL handshake terminated: ssl=0x7430a21800: Failure in SSL library, usually a protocol error
    error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE (external/boringssl/src/ssl/s3_pkt.c:641 0x744c571d80:0x00000001)
    error:1000009a:SSL routines:OPENSSL_internal:HANDSHAKE_FAILURE_ON_CLIENT_HELLO (external/boringssl/src/ssl/s3_clnt.c:800 0x744c7702db:0x00000000)
    		at Method)
    		... 36 more

    There's a TLS problem. Did you make sure your server TLS settings are correct and compatible with your Android version?

  • Hi rfc2822

    I'm using NGINX 1.10.11.
    Here is my ssl-setup. I know it seems not to be an DavDroid-Problem, but I would appreciate if you or another one have a hint to solve this problem.

    Thank you

  • developer

    Does it work with default TLS settings?

  • I'm not so experienced, but this setup works on iOS. If you have an line to edit I can test it ...

  • @rfc2822 Just an update ... Testing with an "Android 6 Device" it's working, and testing with "CardDav Sync free" it's also working ... so it should be the issue with DavDroid & Android 7 - acutally I'm using the latest Version of DavDroid (
    Thank you for your support.

  • So the issue indeed seems to be with Android 7 in some way, depending on how you configured your server, I'll just copy a github comment i accidentally made to the wrong place.

    I can confirm that the f-droid version was affected, the offending nginx config is this:
    ssl_ecdh_curve secp384r1;

    other relevant ssl config lines:

    ssl_protocols TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ecdh_curve secp384r1;
    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 5m;
    ssl_session_tickets off;
    ssl_stapling on;
    ssl_stapling_verify on;

    So with that option commented out it's working fine, I'm on from f-droid and android 7.

    Apparently Android 7 supports only up to secp256r1, this was supposedly fixed in 7.1.1.

    Aside that, a bit of a rant, why are gitlab issues not enabled and instead this forum is used as a bug report tool? I have to create yet another account and wade through 5 google captchas just to write this.


Looks like your connection to Bitfire App Forums was lost, please wait while we try to reconnect.