Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
[/] I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue
Hey, i am unable to set up my android passbolt app due to the app not using my android device’s certificate store.
I have set up a passbolt server for evaluating passbolt using the official helm chart (version 0.3.1).
Chart.lock
dependencies:
- name: passbolt
repository: https://download.passbolt.com/charts/passbolt
version: 0.3.1
digest: sha256:5d24e4fb2118a075f905ed80e46f5b9d47a73286fdd80c74b2e15a00e631bf97
generated: "2023-05-11T15:07:56.024965819+02:00"
It runs behind an Nginx ingress that is served only through cloudflare tunnels.
I have set up a SSL client certificate that is required by cloudflare to visit my domain.
I have set up that client certificate on my phone and can visit and use the passbolt web interface just fine through web browsers which are using the device’s certificate store.
Passbolt also works from other devices with browsers making use of the SSL client certificate.
However when scanning the initial QR code to set up the app, i get a HTTP error 403.
Presumably due to the app not using the client certificate the request gets denied at cloudflare level already.
Is there currently any way to make the app use the client certificate or does this need to still be implemented?
Android app logs
Device: Google Pixel 7 Pro
Android 13 (33)
Passbolt 1.13.2-20
1:29:01 PM --> PUT https://passbolt.karpfen.dev/mobile/transfers/b0756286-a850-4e24-ad52-beef6bafa42b/56b7bf7d-9af8-4bb3-ad47-163d8112c73f.json h2 (41-byte body)
1:29:01 PM <-- 403 https://passbolt.karpfen.dev/mobile/transfers/b0756286-a850-4e24-ad52-beef6bafa42b/56b7bf7d-9af8-4bb3-ad47-163d8112c73f.json (34ms, unknown-length body)
1:29:01 PM retrofit2.HttpException: HTTP 403
at retrofit2.KotlinExtensions$await$2$2.onResponse(KotlinExtensions.kt:53)
at retrofit2.OkHttpCall$1.onResponse(OkHttpCall.java:161)
at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:519)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1137)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:637)
at java.lang.Thread.run(Thread.java:1012)
retrofit2.HttpException: HTTP 403
at retrofit2.KotlinExtensions$await$2$2.onResponse(KotlinExtensions.kt:53)
at retrofit2.OkHttpCall$1.onResponse(OkHttpCall.java:161)
at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:519)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1137)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:637)
at java.lang.Thread.run(Thread.java:1012)
1:29:01 PM Uncaught exception in thread: main
com.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected BEGIN_OBJECT but was STRING at line 1 column 1 path $
at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:225)
at com.google.gson.Gson.fromJson(Gson.java:991)
at com.google.gson.Gson.fromJson(Gson.java:929)
at com.passbolt.mobile.android.core.networking.ErrorHeaderMapper.getBaseResponse(ErrorHeaderMapper.kt:40)
at com.passbolt.mobile.android.core.networking.ResponseHandler.parseErrorResponseBody(ResponseHandler.kt:79)
at com.passbolt.mobile.android.core.networking.ResponseHandler.handleException(ResponseHandler.kt:46)
at com.passbolt.mobile.android.passboltapi.registration.MobileTransferRepository.turnPage(MobileTransferRepository.kt:94)
at com.passbolt.mobile.android.passboltapi.registration.MobileTransferRepository$turnPage$1.invokeSuspend(Unknown Source:16)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:104)
at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42)
at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664)
Suppressed: kotlinx.coroutines.DiagnosticCoroutineContextException: [StandaloneCoroutine{Cancelling}@30507a4, Dispatchers.Main]
Caused by: java.lang.IllegalStateException: Expected BEGIN_OBJECT but was STRING at line 1 column 1 path $
at com.google.gson.stream.JsonReader.beginObject(JsonReader.java:385)
at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:214)
... 15 more
com.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected BEGIN_OBJECT but was STRING at line 1 column 1 path $
at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:225)
at com.google.gson.Gson.fromJson(Gson.java:991)
at com.google.gson.Gson.fromJson(Gson.java:929)
at com.passbolt.mobile.android.core.networking.ErrorHeaderMapper.getBaseResponse(ErrorHeaderMapper.kt:40)
at com.passbolt.mobile.android.core.networking.ResponseHandler.parseErrorResponseBody(ResponseHandler.kt:79)
at com.passbolt.mobile.android.core.networking.ResponseHandler.handleException(ResponseHandler.kt:46)
at com.passbolt.mobile.android.passboltapi.registration.MobileTransferRepository.turnPage(MobileTransferRepository.kt:94)
at com.passbolt.mobile.android.passboltapi.registration.MobileTransferRepository$turnPage$1.invokeSuspend(Unknown Source:16)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:104)
at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42)
at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664)
Suppressed: kotlinx.coroutines.DiagnosticCoroutineContextException: [StandaloneCoroutine{Cancelling}@30507a4, Dispatchers.Main]
Caused by: java.lang.IllegalStateException: Expected BEGIN_OBJECT but was STRING at line 1 column 1 path $
at com.google.gson.stream.JsonReader.beginObject(JsonReader.java:385)
at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:214)
... 15 more
1:29:03 PM File logging tree planted