Description
Describe the bug
Private Domoticz server configured with SSL generated by a private CA. The Root CA certificate is imported into Android CA store.
Visiting the Domoticz server on Android via HTTPS in a browser (Chrome) states the site is secure. Viewing the certificate correctly shows the certificate and full certification chain.
Configuring the same destination server in Domoticz Lite, I get the following message on every application start:
Accept Unknown Certificate
The server certificate is not signed
by a known Certificate Authority.Do you want to connect anyway?
Certificate details:
.... same certificate details as Chrome shows ....
[Always] [Once] [Abort]
The Domoticz server is addressed by FQDN in the browser as well as in the Domoticz Lite application and the CN of the SSL certificate (as well as its SAN) matches that FQDN.
To Reproduce
Steps to reproduce the behavior:
- configure Domoticz with a SSL certificate signed by a private CA
- import the private CA's certificate into Android CA store
- configure SSL access to the Domoticz server in the Domoticz Lite App
- close and reopen Domoticz Lite
Expected behavior
Domoticz Lite starts without showing any false certificate warning/error and accepts the certificate as it's already trusted thanks to being manually imported into the Andorid CA store
Smartphone (please complete the following information):
- Devices: Xiaomi Mi 9T Pro, Xiaomi Poco M3, Redmi Note 7, Redmi Note 8
- OS: Android 11 / Android 10
- Domoticz system version 2021.1
- Domoticz app version 0.2.320 (8513)