Are you running Android V7?
1 Like
Hi, we have done more tests and can reproduce it, however we canât reproduce it with sites we host, we suspect something wrong in your configuration (probably SSL configuration). We are at our annual meeting for the next week, and I wanted to give you the latest info we have on the subject.
6 Likes
Thanks so much for looking into this Joffrey! Thatâs good news. Harm is the technical person so he will have to look at the installation. Anything in particular he should check out?
Iâd start by comparing the test results of your domain and try.discourse.org at SSL Labs.
Oh, and Iâd definitely fix the issue with your certificate chain. Youâll find a warning in the test resultsâŚ
4 Likes
Hello Gerhard,
Iâve fixed the chain issue (removed the CA root from ssl.crt) but the app still doesnât work on a Samsung Phone with Android 7.x.
1 Like
The problem can only be reproduced on Samsung phones with Android 7.x. On other Android devices everything works fine.
Hello Gerhard,
The problem is solved. After looking at the SSLLabs results again i noticed a difference between the Android 7.0 handhake. Our site gave ECDH secp384r1 while your site gave ECDH secp256r1. After some googling i landed on the following site:
https://stackoverflow.com/questions/39133437/sslhandshakeexception-handshake-failed-on-android-n-7-0
So there seems to be a bug in Android 7.0. I now changed the line âssl_ecdh_curve secp384r1â to âssl_ecdh_curve prime256v1â in âweb.ssl.template.ymlâ and after a rebuild the app started working.
8 Likes
I read some things about samsung needing older ciphers but it was for older phones. Glad you sorted it out!
1 Like
Wow excellent sleuthing! Sure glad that someone created Stack Overflow so we could use it to figure this out 
8 Likes
Thanks everybody for your time and energy! 
3 Likes
This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.