Android app : certificate has expired

#1

Hello,

Connexion échouée – Error: https://apiv3.turtlapp.com/auth: an error occurred trying to connect: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1269: (certificate has expired)
Obviously this is a known issue on a certificate that expires today

How to get around this problem?

Regards Gilles

#2

Also the Linux app is giving a similar SSL error.

#3

Same here. Glad that it is not only me. Erm. Help?

#4

I am having the same issue. Both Android and Linux.

#5

Same here. In android and Ubuntu.

#6

Fixed in both Android & Linux as of this morning. Thanks to whoever did the fixing.

#7

I’m having the same issue on my own server + ubuntu and android clients… Any details on what was fixed because certificate has not expired ?

#8

I think a certificate did actually expire, the DST Root CA X3 from Let’s Encrypt.
More details here : https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

The problem is not fixed for me, it seems that the client is using a too old version of openssl.

#9

So it seems that turtl just became incompatible with let’s encrypt certificates:
From Let’s Encrypt:

if clients of your API are using OpenSSL, they must use version 1.1.0 or later.

From turtl/core-rs:

NOTE: If your system uses OpenSSL 1.1.0, you need to install OpenSSL 1.0.0 and tell make to use it

#10

Thanks it works now on all devices
Regards

#11

Just in case this helps anyone else:

I was running a locally compiled desktop client and a self-hosted server (using Let’s Encrypt certificates) so I had to remove the DST Root CA X3 certificate manually from resources/app/scripts/resources/cacert.pem.

#12

Hi guys,

I hope you’re well !
I get some troubles to connect my Turtl account on Android.
In effect, when i would like to connect, I’ve this message which appears.

_20211107_183442
_20211107_183442.JPG1071×1670 131 KB

I’ve read in the discussion that is the SSL certificate which can block on older release of Android and it’s necessary to install OpenSSL 1.0.0, I’m right ? In this case, someone could explain me how I can make this ?

Thank you in advance,

Voeg

#13

I can’t get Turtl to work any more either on my Mac or Android phone. Any help would be gratefully received. Thanks.

#14

I can’t login to Turtl on my Windows desktop. I’m getting a generic “Couldn’t connect to the server” message. Anyone else seeing this? Are there still SSL Certificate issues present in Turtl app affecting other kinds of clients?

#15

I’ve got the same problem. Any ideas? This project seems to be abandoned by developers.

Screenshot_20211117-104606
Screenshot_20211117-104606.png1080×1920 144 KB

#16

Hi, I believe this issue is fixed. Let’s Encrypt’s recent change (https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/) really kind of messed things up. I did a lot of work to support Android (and managed to get new devices working) but for some reason old ones just couldn’t use ANY of the chains provided by LE.

So I scrapped it and am now using a cheap/crappy $5 SSL certificate from one of those bargain bin sellers. Should be working again. Keep in mind, the website (turtlapp.com) and the OLD api (from v0.6) are still using Let’s Encrypt and I’m not going to switch them over, but the api the android app uses (apiv3.turtlapp.com) is now using a trusted certificate that should hopefully give no problems.

#17

Hi Andrew,
First of all, thank you for all your hard work and for creating this awesome app! Been using it for several years and I absolutely love it.
Do you have any plans to update the android app so that it works with last year’s LE changes?
I’m using a self-hosted server running on debian 9 and I’m not able to login on Android (although the desktop version on windows 10 works fine).
Do you have any advice on what i need to do to be able to login on android again?
Thanks in advance!