Skip to main content

Why don't I see any devices in the mobile app?

  • Updated

Error pattern:

Devices are displayed in the Mobile App for IOS, but not for Android.

Important: If no devices are available for IOS and Android, something seems to be wrong with the basic configuration. In this case, please check the setup again using the documentation: 

https://help.c4b.com/xphone-connect-9/doc/en/admin/config/srv/cfg/cfg-general.html#mobile-app 

 

Typical cause:

The certificate used is a legacy certificate (mostly of Let's Encrypt) that supports older Android systems. The disadvantage of these certificates is that the Xamarin framework we use for the mobile app considers them to be faulty.
A corresponding bug has been open at Xamarin since September 2021.
You can read about it at: https://github.com/xamarin/xamarin-android/issues/6351

 

You can check this with the SSL Checker from the WebApi Tester. In the case of a legacy certificate, the following message would appear:

Important:

The problem can occur with both a DST Root CA X3 and an ISRG Root X2 certificate.

Please note this in the solution approach below.



Possible solution:

To solve the behaviour you need to replace the legacy certificate with a non-legacy certificate so that newer devices can also see the devices.

Explanation / solution from Certify The Web: https://docs.certifytheweb.com/docs/kb/kb-202109-letsencrypt/#switching-to-chain-1-modern 

 

When creating Let's Encrypt certificates, make sure that neither the “DST Root CA X3” certificate nor the “ISRG Root X2” certificate are included in the certificate chain.


Exception: As far as we know, the ISRG Root X2 works from Android 14 onwards, but this can lead to problems with older versions. The ISRG Root X2 is only included in the trusted CA certificates from Android 14 onwards.

 

There are various ACME client implementations for Let's Encrypt certificates that request the certificate.

Below are the respective commands or configurations for known ACME client implementations to create a valid certificate chain for Xamarin:

 

Certbot (Linux)

certbot --nginx -d FQDN --preferred-chain "ISRG Root X1"

 

Win-Acme (Windows)

In the "settings.json" file, the value "ISRG Root X1" must be entered in the "PrefferedIssuer" item.

https://www.win-acme.com/reference/settings#preferredissuer 

 

Certify The Web (Windows)

Already uses the newer "ISRG Root X1" chain by default. Nothing needs to be set here.

https://docs.certifytheweb.com/docs/deployment/tasks/nginx/#ca-preferred-chain 

Related articles

Comments

0 comments

Article is closed for comments.