I’m trying to install a user certificate (aka: client certificate) to authenticate against my wiki and a Home Assistant instance using their companion app. Both works fine on my Mac, but it doesn’t work at all on /e/ 2.4.1-t-20241009439851-official-FP4.
It took me a while to figure out that the P12 certificates have to be converted to -legacy in order to successfully import them as “VPN or app” certificate to begin with. But even so, I can’t access the wiki which requires this certificate to be presented. (When I lift this requirement, the wiki loads, so transport security is not the cause.)
Also, some people have updated the webview to fix similar issues. I’ve tried this with both beta and canary to no avail.
And I’ve read somewhere that on Android 13 up, apps have to opt-in to the use of imported certificates. The Home Assistant companion app should ask for a user certificate if it is requested, this feature has been added a while ago according to the changelog. Brave should do the same and just to be sure, I even installed Chrome for a test, but it doesn’t use the user certificate neither.
The biometric lock is is active, so that as well should not be a blocker.
Are there any other prerequisites which have to be met? Or features available through the developer options which must not be active?
I’ve tried it as wi-fi cert, but unfortunately this changes nothing the cert is still not presented. (Yes, I have cleared caches, restarted the phone etc to no avail.)
I’ve tried both and both produce a “400 bad request - no required ssl certificate was sent”. The Nginx debug log reads the same, no acceptable user certificate was presented.
Thanks for the hint on Firefox though, the secret setting to use external CA stores is really cool. With this set, I can connect to a server of mine which uses CAcert for transport security in Firefox.