Hello.
I created my own SSL CA and installed the root certificate under the Trust Certificates (User section). I’m using it to connect to my Home Assistant (HA) server.
If I try to connect via Brave browser on /e/ the root certificate of my CA is recognized, trusted and everything is working correctly, but if a try to connect via the /e/ browser or the HA app, both are not able to ‘see’ and recognize the installed certificate, they say the server certificate it is not trusted.
The same HA app installed on another Android is able to recognize and trust the certificate. I suspect there is a bug in the webview component.
I downloaded the HA app source and tracked the SSL error : SSL_UNTRUSTED
Any suggestion ?
Solved this, my next step is to secure the SSL connection to the server with a client certificate.
/e/ version 0.22-20220228166119
com.android.webview version 96.0.4664.54
The webview version of the working device is : 99.0.4844.73
I think I solved by myself. I write here the solution for the others.
I went to the app store and installed the latest Webview component available and now everything is working as expected. Perhaps an upgrade failed previously.
I have /e/OS v1.18-t installed on my Oneplus 7T and I’m facing the same problem. The websites that are secured with a certificate from an organizational CA that I installed on my /e/ are all rejected “not trusted”. The Android System Webview version that comes with /e/OS v1.18-t is a very old one, version 117.0.5938.156. I tried with /e/ Browser as well as Firefox.
But I can’t install a newer one from the App Lounge. If I try to install the Android System Webview from Google LLC via App Lounge it rejects to install. It only works if I use Aurora Store to install. App Lounge also can’t install nor update any previously purchased apps from the Google Play Store anymore. Aurora has no problems with this?
How can I use own CA certificates as trusted on /e/ natively? Why is Android System Webview so outdated? Why has App Lounge problems?
I have the suspicion that some components in /e/ are not up to date, which makes me feel insecure in using /e/ as daily driver.
I’m pretty sure WebView 117 isn’t that old, probably not the issue @roberto.gerola was facing with a WebView that’s several years old. Nevertheless, I am also facing this issue.
I confirmed with another device that has the same WebView version (LineageOS 20-20231015-NIGHTLY-guacamole) that the same app works with the same certificate.
The app also opts in explicitly to use user certificates, so it’s unlikely to simply be an Android build configuration issue.
I think @Manoj solved something similar, any chance of getting support on this? Thanks <3