We've found some Android devices won't even trust a GeoTrust root -- so we
had to rig all of our GeoTrust certificates to chain back to an Equifax
root (which everybody seems to trust). It's a mess.
Best,
Chris
···
On Thu, Sep 11, 2014 at 9:48 AM, Yaw Anokwa wrote:
Aurelio,
The easy answer is to use GeoTrust certs or to chain your root cert to
something more widely available. You can also submit a patch.
Thanks Mitch and Tom. I will get in touch with GoDaddy to investigate
what i might have missed during certificate installation.
Regards,
Caesar
···
On 21/03/2015, Mitch Sundt wrote:
> Agreed.
>
> Test with another PC/Mac first.
>
> Work with GoDaddy tech support to get to where you can connect to your
> server from a wifi hotspot using an un-modified web browser on a client
> computer (i.e., without installing or modifying the certificates on the
> client computer).
>
> Then Test with the browser on your Android device.
>
> If those both work, then ODK Collect should work.
>
> If you are installing new root certificates on the devices, something is
> wrong with the issuer of the SSL certificate.
>
>
>
>
>
> On Fri, Mar 20, 2015 at 5:33 AM, Tom Smyth wrote:
>
>> I'd recommend talking to GoDaddy support about this.
>>
>> On 20 March 2015 at 05:15, Caesar wrote:
>>
>>> Apologies, please find below the SSL test URLs that gave the issues
>>> explained above.
>>>
>>>
>>> 1.
>>>
>>> https://www.networking4all.com/en/support/tools/site+check/report/?fqdn=odk.kemri-wellcome.org&protocol=https
>>> 2.
>>>
>>> https://www.sslshopper.com/ssl-checker.html#hostname=odk.kemri-wellcome.org
>>>
>>> regards,
>>>
>>> caesar
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups
>>> "ODK Developers" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an
>>> email to opendatakit-developers+unsubscribe@googlegroups.com.
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
>>
>> --
>> Tom Smyth
>>
>> Worker-Owner, Sassafras Tech Collective
>> Specializing in innovative, usable tech for social change
>> sassafras.coop *·* @sassafrastech
>>
>> Resident, Touchstone Cohousing
>> touchstonecohousing.org
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "ODK Developers" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to opendatakit-developers+unsubscribe@googlegroups.com.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> --
> Mitch Sundt
> Software Engineer
> University of Washington
> mitchellsundt@gmail.com
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "ODK Developers" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/opendatakit-developers/IeepVIOJmiI/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> opendatakit-developers+unsubscribe@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
Thanks Mitch and Tom. I will get in touch with GoDaddy
to investigate
what i might have missed during certificate installation.
My android and PC browsers do not complain but certificate issuer
details are not shown on checking the certificate details. Suspecting
this is where the issue lies.
Regards,
Caesar
···
On 21/03/2015, Mitch Sundt wrote:
> Agreed.
>
> Test with another PC/Mac first.
>
> Work with GoDaddy tech support to get to where you can connect to your
> server from a wifi hotspot using an un-modified web browser on a client
> computer (i.e., without installing or modifying the certificates on the
> client computer).
>
> Then Test with the browser on your Android device.
>
> If those both work, then ODK Collect should work.
>
> If you are installing new root certificates on the devices, something is
> wrong with the issuer of the SSL certificate.
>
>
>
>
>
> On Fri, Mar 20, 2015 at 5:33 AM, Tom Smyth wrote:
>
>> I'd recommend talking to GoDaddy support about this.
>>
>> On 20 March 2015 at 05:15, Caesar wrote:
>>
>>> Apologies, please find below the SSL test URLs that gave the issues
>>> explained above.
>>>
>>>
>>> 1.
>>>
>>> https://www.networking4all.com/en/support/tools/site+check/report/?fqdn=odk.kemri-wellcome.org&protocol=https
>>> 2.
>>>
>>> https://www.sslshopper.com/ssl-checker.html#hostname=odk.kemri-wellcome.org
>>>
>>> regards,
>>>
>>> caesar
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups
>>> "ODK Developers" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an
>>> email to opendatakit-developers+unsubscribe@googlegroups.com.
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
>>
>> --
>> Tom Smyth
>>
>> Worker-Owner, Sassafras Tech Collective
>> Specializing in innovative, usable tech for social change
>> sassafras.coop *·* @sassafrastech
>>
>> Resident, Touchstone Cohousing
>> touchstonecohousing.org
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "ODK Developers" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to opendatakit-developers+unsubscribe@googlegroups.com.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> --
> Mitch Sundt
> Software Engineer
> University of Washington
> mitchellsundt@gmail.com
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "ODK Developers" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/opendatakit-developers/IeepVIOJmiI/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> opendatakit-developers+unsubscribe@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
We've found some Android devices won't even trust a GeoTrust root -- so we
had to rig all of our GeoTrust certificates to chain back to an Equifax root
(which everybody seems to trust). It's a mess.
Reboot after installing the CA certificates for GeoTrust (there are several
to obtain from here: https://www.geotrust.com/resources/root-certificates/
) -- or whatever your authority is -- BUT make sure you download these
from an https URL -- downloading root certificates from an ordinary http:
link is absurdly dangerous; never do that!
Then, upon restart, ODK Briefcase should "just work."
···
On Thu, Sep 11, 2014 at 6:53 AM, Yaw Anokwa wrote:
Chris,
Agreed. GeoTrust + Equifax is generally what we do for deployments.
Yaw
Need ODK services? http://nafundi.com provides form design, server
setup, professional support, and software development for ODK.
We've found some Android devices won't even trust a GeoTrust root -- so
we
had to rig all of our GeoTrust certificates to chain back to an Equifax
root
(which everybody seems to trust). It's a mess.