Android app : certificate has expired


#1

Hello,

Connexion échouée – Error: https://apiv3.turtlapp.com/auth: an error occurred trying to connect: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1269: (certificate has expired)
Obviously this is a known issue on a certificate that expires today

How to get around this problem?

Regards Gilles


#2

Also the Linux app is giving a similar SSL error.


#3

Same here. Glad that it is not only me. Erm. Help?


#4

I am having the same issue. Both Android and Linux.


#5

Same here. In android and Ubuntu.


#6

Fixed in both Android & Linux as of this morning. Thanks to whoever did the fixing.


#7

I’m having the same issue on my own server + ubuntu and android clients… Any details on what was fixed because certificate has not expired ?


#8

I think a certificate did actually expire, the DST Root CA X3 from Let’s Encrypt.
More details here : https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

The problem is not fixed for me, it seems that the client is using a too old version of openssl.


#9

So it seems that turtl just became incompatible with let’s encrypt certificates:
From Let’s Encrypt:

if clients of your API are using OpenSSL, they must use version 1.1.0 or later.

From turtl/core-rs:

NOTE: If your system uses OpenSSL 1.1.0, you need to install OpenSSL 1.0.0 and tell make to use it


#10

Thanks it works now on all devices
Regards


#11

Just in case this helps anyone else:

I was running a locally compiled desktop client and a self-hosted server (using Let’s Encrypt certificates) so I had to remove the DST Root CA X3 certificate manually from resources/app/scripts/resources/cacert.pem.