|
|
|
@ -443,14 +443,23 @@ This will "pin" the server certificate to prevent man-in-the-middle attacks.
|
|
|
|
|
Note that older Android versions might not recognize newer certification authorities like Let’s Encrypt causing connections to be considered insecure,
|
|
|
|
|
see also [here](https://developer.android.com/training/articles/security-ssl).
|
|
|
|
|
|
|
|
|
|
<br />
|
|
|
|
|
|
|
|
|
|
*Trust anchor for certification path not found*
|
|
|
|
|
|
|
|
|
|
*... java.security.cert.CertPathValidatorException: Trust anchor for certification path not found ...*
|
|
|
|
|
means that the default Android trust manager was not able to verify the server certificate chain.
|
|
|
|
|
|
|
|
|
|
You should either fix the server configuration or accept the fingerprint shown below the error message.
|
|
|
|
|
This could be due to the root certificate not being installed on your device
|
|
|
|
|
or because intermediate certificates are missing, for example because the email server didn't send them.
|
|
|
|
|
|
|
|
|
|
You can fix the first problem by downloading and installing the root certificate from the website of the provider of the certificate.
|
|
|
|
|
|
|
|
|
|
Note that this problem can be caused by the server not sending all intermediate certificates too.
|
|
|
|
|
The second problem should be fixed by changing the server configuration or by importing the intermediate certificates on your device.
|
|
|
|
|
|
|
|
|
|
You can pin the certificate too, see above.
|
|
|
|
|
|
|
|
|
|
<br />
|
|
|
|
|
|
|
|
|
|
*Empty password*
|
|
|
|
|
|
|
|
|
|