Unable to connect using android app, but works on chrome #620
Comments
|
Do you by any chance use Let's Encrypt certificates? Your device might not trust the new root certificates. @Maxr1998 maybe we should print the full stack traces here https://github.com/jellyfin/jellyfin-android/blob/99fb25b3b10fc5592780f6728f2c69bc7e5fed91/app/src/main/java/org/jellyfin/mobile/setup/ConnectFragment.kt to help troubleshoot issues like this one. |
|
We catch a bunch of exceptions in the Ktorclient and map those to an class extending ApiClientException. After that we catch Right now there is no exception in Ktor (multiplatform) to catch SSL issues so it might be tricky to implement. |
|
Yes, I'm using Lets Encrypt certificates. Why would it work on chrome browser of the same device? And the same certificate works for other android devices. Am I getting this wrong? |
|
The browser probably ships its own certificates or the intermediate certificates are cached. Your other devices might be newer and support the root cert on their own. Regardless, you should run your site through the SSL Server Test to check if this is actually the issue you have. |
|
The server is not facing the internet, but I'll try to find a tool that can validate it locally. Apparently each application are entrusted with this task since Android 6. Is it possible that this application wasn't included/affected with their fix when it expired back in September? There most have been some changes how it handles Root CAs between Android 7 and 9? (It works well on my other newer devices) I will give a shot using a certificate issued by my domain provider, see if that resolves the problem. Unfortunately I wouldn't find that as a viable permanent solution. (Arguably I'm due for a new phone, but I'm thinking about other users as well) PS: As a full time single father I don't have much free time, but tell me what you need and I'll do my best to get it. |
You actually nailed it. After a succesfull connection to the demo server (https://demo.jellyfin.org/stable/), I was able to connect to my local server. Although I'm not sure what I'm supposed to do with the fullchain.pem. I tried generating a pfx using both (cert.pem and fullchain.pem) with the same result. At least there's a workaround that makes my older device functional. Thanks for that! |
|
I didn't realise there was a specific requirement related to LetsEncrypt certificates. I simply treated it like any other SSL Certificate. I'll follow this and get back on it. |
|
Alright, let us know when you fixed it, then we can close the issue. I'll mark it as duplicate already since it seems to be the same issue as #571. |
|
Okay after I read the article I previously shared, it seems to apply for load balancers, which I don't use in my current setup. Here's the script I used to generate the PFX file (Hoping I got this wrong and it's an easy fix) Declaring Variable Reported to work Tried concatenating the fullchain.pem to the key as suggested for HAProxy Same results for everything else I tried. Again, all the basics are covered (Permission, certificate valid, etc...) since it works well on everything else. I would be happy to be dumb here and be missing something obvious... |
That should indeed work. Maybe the old certificate is cached somewhere? Try clearing the app's data after setting up the cert and restarting the server. I use traefik as a reverse-proxy, so I unfortunately can't help much more with this.. |
|
I recreated the chain.pfx file using the command above and restarted jellyfin's services. Same result unfortunately. I would rather use a direct HTTPS connection over a loadbalancer offloading since I positioned my jellyfin server strategically so that it wouldn't interfere with my other network heavy workloads. |
|
This issue has gone 120 days without comment. To avoid abandoned issues, it will be closed in 21 days if there are no new comments. If you're the original submitter of this issue, please comment confirming if this issue still affects you in the latest release or master branch, or close the issue if it has been fixed. If you're another user also affected by this bug, please comment confirming so. Either action will remove the stale label. This bot exists to prevent issues from becoming stale and forgotten. Jellyfin is always moving forward, and bugs are often fixed as side effects of other changes. We therefore ask that bug report authors remain vigilant about their issues to ensure they are closed if fixed, or re-confirmed - perhaps with fresh logs or reproduction examples - regularly. If you have any questions you can reach us on Matrix or Social Media. |
|
So I encountered a very similar issue working with Nextcloud. My client worked fine on my android device until I finally fixed the "User Certificate Check" cronjob that failed for a while. I managed to resolve this by adding the following line to my Apache config: I will try to perform the same fix on jellyfin when I get a chance and document the steps here if successful. |
|
I didn't get a chance to attempt this on jellyfin yet, but it seems supporting older device is up to the app developers. (See reference below) The solution for me according to LetsEncrypt is to install Firefox since it also contains a local store of the necessary trusts. I'm seriously considering replacing this device, but I think jellyfin has the capability to embed the missing certificate so that no workaround is required. Cheers and still great work on this project. |
Was this ever done? Currently, everything seems setup correctly, works in all browsers I tested so far and ssl labs doesn't return any errors, but connection is still not possible. How to debug it then? |
|
I have same problem. I use the Let's Encrypt and renewed the certificate. But the jellyfin app still cannot connect on my server. |
Describe the bug
First off, the software is amazing and I have another more modern device that works very well.
I've completed the entire network's configuration but for some reason, one specific device's android application won't connect.
Here's some additional details to break it down:
Device1 = Samsung S6 running Android 7
Device2 = Samsung S9 running Android 9
Device3 = NVIDIA TV Shield 4K (Latest)
In short, the android app on a specific device is unable to connect, which its browser is able to connect. Which indicates that the device is able to reach the server.
The Jellyfin Client did successfully discover the server, but still won't connect to it.
The jellyfin server doesn't get any request from the affected android client.
The configuration is LAN for now until MFA is added, so no reverse proxy is involved.
See attached logs. (I edited out the domain name)
The most relevant information that I can see is "org.jellyfin.sdk.api.client.exception.ApiClientException: Unknown error occurred!"
I'm not in any rush to get this resolved, but I wonder if I could get additional logging enabled.
Logs
02-10 19:43:26.331 3659 9179 I ActivityManager: START u0 {act=android.intent.action.MAIN typ=null flg=0x10200000 cmp=ComponentInfo{org.jellyfin.mobile/org.jellyfin.mobile.MainActivity}} from uid 10083 on display 0 02-10 19:43:26.333 3659 9179 D ActivityManager: computeStackFocus: New stack r=ActivityRecord{5d79511d0 u0 org.jellyfin.mobile/.MainActivity t-1} stackId=1 02-10 19:43:26.334 3659 9179 D ActivityManager: moveToFront() : reason=startedActivity setFocusedActivity isAttached=true TaskRecord{90f714dd0 #4934 A=org.jellyfin.mobile U=0 StackId=1 sz=1} 02-10 19:43:26.336 3659 9179 D ActivityManager: resumeTopActivityInnerLocked() : #1 prevTask=TaskRecord{90f714dd0 #4934 A=org.jellyfin.mobile U=0 StackId=1 sz=1} next=ActivityRecord{5d79511d0 u0 org.jellyfin.mobile/.MainActivity t4934} mFocusedStack=ActivityStack{7a51138d0 stackId=1, 1 tasks} 02-10 19:43:26.338 3659 3683 D WindowManager: openInputChannel mInputChannel: e467d05 Starting org.jellyfin.mobile (server) 02-10 19:43:26.343 3659 9178 D ActivityManager: resumeTopActivityInnerLocked() : #1 prevTask=TaskRecord{6cbaf40d0 #4923 A=com.sec.android.app.launcher U=0 StackId=0 sz=1} next=ActivityRecord{5d79511d0 u0 org.jellyfin.mobile/.MainActivity t4934} mFocusedStack=ActivityStack{7a51138d0 stackId=1, 1 tasks} 02-10 19:43:26.343 3659 9178 D ActivityManager: applyOptionsLocked, ANIM_CUSTOM_SCALE_UP, task.getRootActivity() : ActivityRecord{5d79511d0 u0 org.jellyfin.mobile/.MainActivity t4934}, task.getTaskToReturnTo() : 1 02-10 19:43:26.343 3659 9178 D MountService: getExternalStorageMountMode : final mountMode=1, uid : 10219, packageName : org.jellyfin.mobile 02-10 19:43:26.350 3659 3683 V WindowManager: Relayout Window{e467d05d0 u0 Starting org.jellyfin.mobile}: viewVisibility=0 req=1440x2464 WM.LayoutParams{(0,0)(fillxfill) sim=#20 ty=3 fl=#81830118 pfl=0x20011 wanim=0x1030465 vsysui=0x600 needsMenuKey=2 naviIconColor=0} 02-10 19:43:26.354 3659 9178 I ActivityManager: Start proc 21632:org.jellyfin.mobile/u0a219 for activity org.jellyfin.mobile/.MainActivity 02-10 19:43:26.355 21632 21632 I SELinux : SELinux: seapp_context_lookup: seinfo=untrusted, level=s0:c512,c768, pkgname=org.jellyfin.mobile 02-10 19:43:26.371 3659 4832 I ActivityManager: DSS on for org.jellyfin.mobile and scale is 1.0 02-10 19:43:26.376 3659 3659 D GameManagerService: NotifyRunnable. pkg: org.jellyfin.mobile, type: 4, isMinimized: false, isTunableApp: false 02-10 19:43:26.377 3659 4832 D MARsPolicyManager: handlePackageResumedFG pkgName = org.jellyfin.mobile, userId = 0 02-10 19:43:26.379 3659 8247 D GamePkgDataHelper: getGamePkgData(). org.jellyfin.mobile 02-10 19:43:26.380 3659 8247 D GameManagerService: identifyGamePackage. org.jellyfin.mobile 02-10 19:43:26.380 3659 8247 D GameManagerService: identifyGamePackage. org.jellyfin.mobile 02-10 19:43:26.382 3659 8247 D GameManagerService: identifyGamePackage. org.jellyfin.mobile 02-10 19:43:26.382 3659 8247 D GameManagerService: identifyGamePackage. org.jellyfin.mobile 02-10 19:43:26.382 3659 3683 D WindowManager: finishDrawingWindow: Window{e467d05d0 u0 Starting org.jellyfin.mobile} mDrawState=DRAW_PENDING 02-10 19:43:26.387 3659 3683 D WindowManager: finishDrawingWindow: Window{e467d05d0 u0 Starting org.jellyfin.mobile} mDrawState=HAS_DRAWN 02-10 19:43:26.509 3659 3917 D MdnieScenarioControlService: packageName : org.jellyfin.mobile className : org.jellyfin.mobile.MainActivity 02-10 19:43:26.663 3659 3670 D WindowManager: openInputChannel mInputChannel: b2cfcdc org.jellyfin.mobile/org.jellyfin.mobile.MainActivity (server) 02-10 19:43:26.678 3659 4818 V WindowManager: Relayout Window{b2cfcdcd0 u0 org.jellyfin.mobile/org.jellyfin.mobile.MainActivity}: viewVisibility=0 req=1440x2464 WM.LayoutParams{(0,0)(fillxfill) sim=#120 ty=1 fl=#81810100 pfl=0x20000 wanim=0x1030465 vsysui=0x600 needsMenuKey=2 naviIconColor=0} 02-10 19:43:26.756 21632 21632 V InputMethodManager: Starting input: tba=android.view.inputmethod.EditorInfo@f82f752 nm : org.jellyfin.mobile ic=null 02-10 19:43:26.756 3659 4832 V InputMethodManagerService: windowGainedFocus: reason=WINDOW_FOCUS_GAIN client=android.os.BinderProxy@1ccac29 inputContext=null missingMethods= attribute=android.view.inputmethod.EditorInfo@afb0ac8 nm = org.jellyfin.mobile controlFlags=#104 softInputMode=#120 windowFlags=#81810100 02-10 19:43:26.792 3659 9179 D WindowManager: finishDrawingWindow: Window{b2cfcdcd0 u0 org.jellyfin.mobile/org.jellyfin.mobile.MainActivity} mDrawState=DRAW_PENDING 02-10 19:43:26.794 21632 21632 V InputMethodManager: Starting input: tba=android.view.inputmethod.EditorInfo@f4dba75 nm : org.jellyfin.mobile ic=null 02-10 19:43:26.797 3659 3683 I ActivityManager: Displayed org.jellyfin.mobile/.MainActivity: +453ms 02-10 19:43:26.797 3659 3683 D WindowManager: disposeInputChannel mInputChannel: e467d05 Starting org.jellyfin.mobile (server) 02-10 19:43:26.801 21632 21632 D InputMethodManager: ISS - flag : 1Pid : 21632 view : org.jellyfin.mobile 02-10 19:43:26.802 21632 21632 V InputMethodManager: Starting input: tba=android.view.inputmethod.EditorInfo@d8fc32d nm : org.jellyfin.mobile ic=com.android.internal.widget.EditableInputConnection@57c0062 02-10 19:43:26.815 5742 5742 I AndroidIME: AbstractIme.onActivate():86 LatinIme.onActivate() : EditorInfo = inputType=URI imeActionName=DONE dump=[inputType=0x11 imeOptions=0x6 privateImeOptions=null actionLabel=null actionId=0 initialSelStart=0 initialSelEnd=0 initialCapsMode=0x0 hintText=Host label=null packageName=org.jellyfin.mobile fieldId=2131362107 fieldName=null extras=Bundle[{androidx.core.view.inputmethod.EditorInfoCompat.CONTENT_SELECTION_HEAD=0, androidx.core.view.inputmethod.EditorInfoCompat.CONTENT_SELECTION_END=0, androidx.core.view.inputmethod.EditorInfoCompat.CONTENT_SURROUNDING_TEXT=}] hintLocales=null ], IncognitoMode = false, DeviceLocked = false 02-10 19:43:26.989 3659 3683 I WindowManager_SurfaceController: Destroying surface Surface(name=Starting org.jellyfin.mobile) called by com.android.server.wm.WindowStateAnimator.destroySurface:2907 com.android.server.wm.WindowStateAnimator.destroySurfaceLocked:1120 com.android.server.wm.WindowState.destroyOrSaveSurface:2692 com.android.server.wm.AppWindowToken.destroySurfaces:424 com.android.server.wm.AppWindowToken.destroySurfaces:388 com.android.server.wm.WindowStateAnimator.finishExit:686 com.android.server.wm.WindowStateAnimator.stepAnimationLocked:570 com.android.server.wm.WindowAnimator.updateWindowsLocked:439 02-10 19:43:26.994 3659 3917 D MdnieScenarioControlService: packageName : org.jellyfin.mobile className : org.jellyfin.mobile.MainActivity 02-10 19:43:30.698 21632 21632 I ConnectFragment: No valid servers found, invalid candidates were: https://host.domain.com:8920/Failure(org.jellyfin.sdk.api.client.exception.ApiClientException: Unknown error occurred!) 02-10 19:43:30.714 21632 21632 V InputMethodManager: Starting input: tba=android.view.inputmethod.EditorInfo@1539b3d nm : org.jellyfin.mobile ic=com.android.internal.widget.EditableInputConnection@813df32 02-10 19:43:32.383 3659 8247 D GameManagerService: identifyGamePackage. org.jellyfin.mobileApplication version
2.4.2
Where did you install the app from?
Google Play
Device information
Samsung Galaxy 6
Android version
Android 7
Jellyfin server version
10.7.7
Which video player implementations does this bug apply to?
The text was updated successfully, but these errors were encountered: