• Hi,

    Sorry to ask for help but I didn’t find a related solution and tried many things but problem still appears.
    When trying to connect to my Nextcloud server, I get the following error during sync :

    --- BEGIN DEBUG INFO ---
    SYNCHRONIZATION INFO
    Account name: account_changed@account.com
    
    EXCEPTION:
    java.net.SocketTimeoutException: SSL handshake timed out
    	at org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
    	at org.conscrypt.NativeSsl.doHandshake(NativeSsl.java:406)
    	at org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:226)
    	at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:367)
    	at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:325)
    	at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:197)
    	at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:249)
    	at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:108)
    	at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:76)
    	at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:245)
    	at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)
    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:100)
    	at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:82)
    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:100)
    	at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:100)
    	at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:100)
    	at okhttp3.brotli.BrotliInterceptor.intercept(BrotliInterceptor.kt:39)
    	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:100)
    	at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:197)
    	at okhttp3.internal.connection.RealCall.execute(RealCall.kt:148)
    	at at.bitfire.dav4jvm.DavResource$propfind$1.invoke(DavResource.kt:325)
    	at at.bitfire.dav4jvm.DavResource$propfind$1.invoke(DavResource.kt:36)
    	at at.bitfire.dav4jvm.DavResource.followRedirects(DavResource.kt:380)
    	at at.bitfire.dav4jvm.DavResource.propfind(DavResource.kt:320)
    	at at.bitfire.davdroid.DavService$refreshCollections$1.invoke(DavService.kt:194)
    	at at.bitfire.davdroid.DavService$refreshCollections$1.invoke$default(DavService.kt:157)
    	at at.bitfire.davdroid.DavService.refreshCollections(DavService.kt:278)
    	at at.bitfire.davdroid.DavService.access$refreshCollections(DavService.kt:38)
    	at at.bitfire.davdroid.DavService$onStartCommand$$inlined$let$lambda$1.invoke(DavService.kt:75)
    	at at.bitfire.davdroid.DavService$onStartCommand$$inlined$let$lambda$1.invoke(DavService.kt:38)
    	at kotlin.concurrent.ThreadsKt$thread$thread$1.run(Thread.kt:30)
    
    SOFTWARE INFORMATION
    * at.bitfire.davdroid 3.0-ose2 (300000004) from com.android.packageinstaller
    * org.dmfs.tasks 1.2.3 (77600) from com.android.vending
    * com.android.providers.contacts 7.0 (19)
    * com.android.providers.calendar 7.0 (24)
    * com.samsung.android.contacts 3.2.00.8 (320000008)
    * com.samsung.android.calendar 4.0.06.502 (400600502)
    
    CONNECTIVITY (at the moment)
    - [ Transports: WIFI Capabilities: WIFI_P2P&NOT_RESTRICTED&TRUSTED&NOT_VPN LinkUpBandwidth>=1048576Kbps LinkDnBandwidth>=1048576Kbps]
    - [ Transports: WIFI Capabilities: NOT_METERED&INTERNET&NOT_RESTRICTED&TRUSTED&NOT_VPN&VALIDATED LinkUpBandwidth>=1048576Kbps LinkDnBandwidth>=1048576Kbps SignalStrength: -65]
    
    CONFIGURATION
    Power saving disabled: yes
    Notifications (not blocked):
    Permissions:
      READ_CONTACTS: granted
      WRITE_CONTACTS: granted
      READ_CALENDAR: granted
      WRITE_CALENDAR: granted
      READ_TASKS: granted
      WRITE_TASKS: granted
      ACCESS_COARSE_LOCATION: denied
    System-wide synchronization: automatically
    
    ACCOUNTS
    Account: account_changed@account.com
      Address book sync. interval: 240 min
      Calendar     sync. interval: 240 min
      OpenTasks    sync. interval: 240 min
      WiFi only: false
      [CardDAV] Contact group method: CATEGORIES
      [CalDAV] Time range (past days): 90
               Manage calendar colors: true
               Use event colors: false
    Address book account: Contacts (account_changed@account.com Kw)
      Main account: Account {name=account_changed@account.com, type=bitfire.at.davdroid}
      URL: https://changed-address.com/remote.php/dav/addressbooks/users/changed_user/contacts/
      Sync automatically: true
    
    SQLITE DUMP
    android_metadata
    	|  locale |
    	|  fr_FR |
    ----------
    service
    	|  id | accountName | type | principal |
    	|  1 | account_changed@account.com | carddav | https://changed-address.com/remote.php/dav/principals/users/changed_user/ |
    	|  2 | account_changed@account.com | caldav | https://changed-address.com/remote.php/dav/principals/users/changed_user/ |
    ----------
    sqlite_sequence
    	|  name | seq |
    	|  service | 2 |
    	|  homeset | 2 |
    	|  collection | 3 |
    ----------
    homeset
    	|  id | serviceId | url | privBind | displayName |
    	|  1 | 2 | https://changed-address.com/remote.php/dav/calendars/changed_user/ | 1 | <null> |
    	|  2 | 1 | https://changed-address.com/remote.php/dav/addressbooks/users/changed_user/ | 1 | <null> |
    ----------
    collection
    	|  id | serviceId | type | url | privWriteContent | privUnbind | forceReadOnly | displayName | description | color | timezone | supportsVEVENT | supportsVTODO | supportsVJOURNAL | source | sync |
    	|  1 | 2 | CALENDAR | https://changed-address.com/remote.php/dav/calendars/changed_user/personal/ | 1 | 1 | 0 | Personnel | <null> | <null> | <null> | 1 | 1 | 0 | <null> | 0 |
    	|  2 | 2 | CALENDAR | https://changed-address.com/remote.php/dav/calendars/changed_user/contact_birthdays/ | 0 | 0 | 0 | Anniversaires des contacts | <null> | -54 | <null> | 1 | 0 | 0 | <null> | 0 |
    	|  3 | 1 | ADDRESS_BOOK | https://changed-address.com/remote.php/dav/addressbooks/users/changed_user/contacts/ | 1 | 1 | 0 | Contacts | <null> | <null> | <null> | <null> | <null> | <null> | <null> | 1 |
    ----------
    room_master_table
    	|  id | identity_hash |
    	|  42 | hash_changed |
    ----------
    
    SYSTEM INFORMATION
    Android version: 7.0 (NRD90M.A510FXXS8CSF3)
    Device: samsung SM-A510F (a5xelte)
    
    --- END DEBUG INFO ---
    

    Certificate is from Letsencrypt.

    I tried the recommended SSL/TLS configuration for the Apache server (currently i’m using the modern quite restrictive) but it doesn’t changed anything. Also Nextcloud application works well, that’s why I believe the problem may come from Davx5…

    TLS 1.2 and TLS 1.3 are enabled on the server side.

    TLS 1.3

    TLS_AES_128_GCM_SHA256 (0x1301)   ECDH x25519 (eq. 3072 bits RSA)   FS	128
    TLS_AES_256_GCM_SHA384 (0x1302)   ECDH x25519 (eq. 3072 bits RSA)   FS	256
    TLS_CHACHA20_POLY1305_SHA256 (0x1303)   ECDH x25519 (eq. 3072 bits RSA)   FS	256
    

    TLS 1.2

    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   DH 2048 bits   FS	128
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   ECDH secp521r1 (eq. 15360 bits RSA)   FS	128
    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   DH 2048 bits   FS	256
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   ECDH secp521r1 (eq. 15360 bits RSA)   FS	256
    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)   ECDH secp521r1 (eq. 15360 bits RSA)   FS	256.
    

    Thanks in advance for your help.

    LoiX

    PS : Also to contribute a bit at this cool project, I’ve just finished the French translation.

  • admin

    Can you send us a hostname where we can check this ourselfes? Did you select “Distrust system certificates” in the DAVx5 settings? Can you check that?

    Thank you for the translation!

Similar topics