Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

3.29.0 doesnt connect and spams with "No client certificate found" dialog #12931

Open
4 tasks done
mlilien opened this issue Apr 24, 2024 · 11 comments
Open
4 tasks done

3.29.0 doesnt connect and spams with "No client certificate found" dialog #12931

mlilien opened this issue Apr 24, 2024 · 11 comments
Labels
bug

Comments

@mlilien
Copy link

mlilien commented Apr 24, 2024

⚠️ Before posting ⚠️

  • This is a bug, not a question or an enhancement.
  • I've searched for similar issues and didn't find a duplicate.
  • I've written a clear and descriptive title for this issue, not just "Bug" or "Crash".
  • I agree to follow Nextcloud's Code of Conduct.

Steps to reproduce

connect to server via android app 3.29.0

Expected behaviour

  • be able to connect to server
  • client certificate handling should be imho optional
  • documentation how to handle client certificate e.g. if using LetsEncrypt for nextcloud server is preferable

Actual behaviour

I can not connect and get a "No client certificate found" which i can cancel, but then the dialog appears again

Android version

14

Device brand and model

google pixel 7a

Stock or custom OS?

Stock

Nextcloud android app version

3.29.0

Nextcloud server version

27.1.4

Using a reverse proxy?

Yes

Android logs

No response

Server error logs

No response

Additional information

reverse proxy is traefik
@mlilien mlilien added the bug label Apr 24, 2024
@ne20002
Copy link

ne20002 commented Apr 26, 2024
edited
Loading

I have this nagging on current iOS client after I added optional mTLS on my reverse proxy.

@Haugi88
Copy link

Haugi88 commented Apr 29, 2024

I have the same issue. Only Problem to connect is the App. I have unraid, NGINX reverse and cloudflare.

@chomama05
Copy link

I have the same issue. Browser access works, but android app keeps telling me 'No client certificate was found Do you want to install a TLS client certificate'

@ne20002
Copy link

ne20002 commented May 1, 2024
edited
Loading

I got the update from F-Droid. I must say, version 3.29.0 is requiring a client certificate even though it is configured optional on the server.

This is the nginx config:

    ssl_client_certificate  /etc/nginx/client_certs/clientCertsCA-chain.pem;
    ssl_verify_client       optional_no_ca;
    ssl_verify_depth        1;

It works with Firefox (with or w/o certificate, it asks only once). It works with Nextcloud Android app 3.29.0 if a user certificate has been installed on the device. It offers to choose one and uses it.

But if there is no certificate on the device, it always reopens the popup asking to install a certificate, even though I choose Cancel all the time. This prevents the app from opening. For a mtls certificate being optional this is not ok.

The iOS app is not much better. It pops up all the time saying the certificate of the server has changed (it does not) and ask if the certificate is trusted. When selecting yes the app is usable until it pops up again.

As long as these problems exist using client certificates is simply not possible. :(

@localguru
Copy link

Same as @ne20002
The App ignores all optional ssl_verify_client settings, but turning ssl_verify_client off.

@ne20002 ne20002 mentioned this issue May 10, 2024
Open
4 tasks
@Niceclear
Copy link

Hello,

I had the same issue.

To solve it, I just removed the host from "Client Certificates" on cloudflare.

image

@ne20002
Copy link

ne20002 commented May 21, 2024

To solve it, I just removed the host from "Client Certificates" on cloudflare.

With what you disabled check of client certificates all together? So just set support for client certificates to off on your host?
This is not solving the problem. ;)

@Niceclear
Copy link

Niceclear commented May 21, 2024
edited
Loading

With what you disabled check of client certificates all together? So just set support for client certificates to off on your host? This is not solving the problem. ;)

Maybe we don't have the same problem.

My problem was the following error "No client certificate found" like the author.

I checked my cloudflare configuration, and saw that the "Client certificates" option was enabled (an error on my part in the past). I just disabled it and I didn't get the error on the app anymore.

From what I understand, you want to enabled it. But me I don't want.

@ne20002 ne20002 mentioned this issue Jun 5, 2024
Merged
@gabrix73
Copy link

gabrix73 commented Jun 7, 2024

Same issue here, ok from desktop pc, client certificate "mandatory" for successful authentication in Android 14 .
Nextcloud server tls from my vps is configured with letsencrypt certificates.

@jlnau
Copy link

jlnau commented Jun 12, 2024

The mobile app stopped working on Android 14 - 'No client certificate was found'. I tested with fresh Nextcloud server installs on Truenas and Linux, with the same result.

@macdaddybighorn
Copy link

Same issue here, using nextcloud through cloudflare zero trust tunnel. Pixel 7 (Android 14). Stopped working in 3.29.0 so I've been using 3.28.02 since. Just tested 3.29.2 and still broken, just following the open issue here. As a user I'm thankful for those smart enough to contribute!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@mlilien @localguru @gabrix73 @chomama05 @ne20002 @Niceclear @jlnau @macdaddybighorn @Haugi88