How to login to Davx5 with certificate? (github.com)
from heyfrancis@lemmy.ml to selfhosted@lemmy.world on 15 Sep 2024 03:17
https://lemmy.ml/post/20311234

This may be more of an Android issue than self-hosting, but i run Radicale on my personal server to host caldav/carddav services. I want to login with uname&pword with a certificate. I found this video in Davx5 github page showing that a user can select the cert:

video

I generated a self-signed cert from my server and installed that to my Android phone via Settings > Security&Privacy > Encryption&Credentials. But i dont get the same as the video. It keeps telling me No certificate found

Clicking the install button and selecting my cert will say

Install CA certificates in Settings This certificate from null must be installed in Settings. Only install CA certificates from organizations you trust.

#selfhosted

threaded - newest

thagoat@lemmy.sdf.org on 15 Sep 2024 04:31 next collapse

Just use Login with URL and user name šŸ˜

heyfrancis@lemmy.ml on 15 Sep 2024 04:39 collapse

Yeah thatā€™s what im using right now. But i want to add security by using a certificate when logging in

hempster@lemm.ee on 15 Sep 2024 06:40 collapse

Add a certificate to the endpoint using your reverse proxy

N0x0n@lemmy.ml on 15 Sep 2024 07:04 next collapse

I have a self-hosted Baikal server with self-signed CA on Android 14 and it works.

However, I didnā€™t had to add the certificate to Davxāµ itself. Adding a rootCA into your device and your reverse proxy handling the request should work as expected over https.

Those kind of things are difficult to troubleshoot, this could be:

  • Bad rootCA certificate, missing the necessary options ?
  • Wrong certificate handled by your reverse proxy ?
  • Radicale doesnā€™t recognize your certificate extension ?
  • Wrong networking configuration ?
  • Bug ?
  • ā€¦

We need more infos about your setup:

  • Do you use a reverse proxy ?
  • Had you already any success with this certificate within an other application ?
  • Any logs from your Android, Davxāµ?
heyfrancis@lemmy.ml on 16 Sep 2024 02:57 collapse

like the other commenter said, CA is different from a client cert. Iā€™ll try that and see how it goes

hendrik@palaver.p3x.de on 15 Sep 2024 08:18 collapse

Do you install the CA certificate or the client certificate? Because both aren't the same. The app needs to authenticate with a client certificate file. The server has a server certificate that is checked against the CA certificate. So you'd install that (CA) in the android system certificate store and additionally give a client certificate file to the app.

heyfrancis@lemmy.ml on 16 Sep 2024 02:56 collapse

Oh i thought they are the same. I look into how to create a self-signed CA and see if it helps