Onyx boox Poke 3: A network error has occurred

[Alba Casado]

Hi,

I just got a new Onyx Boox Poke 3 and tried to log in to ankidroid but got this message: A network error has occurred SSLException while building HttpClient. I saw that some people had the same problem but with older versions of Android. This is supposed to be running Android 10. Funnily enough, ankidroid syncs just fine on my onyx boox max 3 which runs an older version of Android. Any ideas? 

[Mike Hardy]

That's strange indeed. Usually it's a legitimate connection issue on your end, you should triple check everything if you haven't already, but given your max 3 is working, that seems unlikely. There might be a real problem here.

The next time that happens, I wonder if you could:

- make it happen as the last thing you do before:

- immediately go to help -> get help -> send troubleshooting report

- then either open a github issue or send the debug information here that has your install UUID from https://docs.ankidroid.org/help.html#_support so we can try to locate the report (they're all anonymized, we can't locate it with out it 1) existing and 2) you sending us the ID to connect an existing report)

I think that will have the exact information in there to help figure it out

-Mike

On 7/6/21 11:51 AM, Alba Casado wrote:

Hi,

I just got a new Onyx Boox Poke 3 and tried to log in to ankidroid but got this message: A network error has occurred SSLException while building HttpClient. I saw that some people had the same problem but with older versions of Android. This is supposed to be running Android 10. Funnily enough, ankidroid syncs just fine on my onyx boox max 3 which runs an older version of Android. Any ideas? 

--
You received this message because you are subscribed to the Google Groups "AnkiDroid" group.
To unsubscribe from this group and stop receiving emails from it, send an email to anki-android...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/anki-android/308e1d2f-7d87-4f15-b3c1-551471d2eac0n%40googlegroups.com.

[Mike Hardy]

Actually - I was chasing another crash and only saw *one* for an Onyx device so took a guess and checked and it looks like you have already done what I asked before I even asked, chapeau!

It does have the information we need:

9	07-06 04:31:39.447 W/AnkiDroid( 5324): Caused by: java.security.cert.CertificateException: Unacceptable certificate: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
10	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:611)
11	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:617)
12	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:617)
13	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:507)
14	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.TrustManagerImpl.checkTrusted(TrustManagerImpl.java:426)
15	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.TrustManagerImpl.getTrustedChainForServer(TrustManagerImpl.java:354)
16	07-06 04:31:39.447 W/AnkiDroid( 5324): at android.security.net.config.NetworkSecurityTrustManager.checkServerTrusted(NetworkSecurityTrustManager.java:94)
17	07-06 04:31:39.447 W/AnkiDroid( 5324): at android.security.net.config.RootTrustManager.checkServerTrusted(RootTrustManager.java:89)
18	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.Platform.checkServerTrusted(Platform.java:224)
19	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.ConscryptFileDescriptorSocket.verifyCertificateChain(ConscryptFileDescriptorSocket.java:407)
20	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
21	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.NativeSsl.doHandshake(NativeSsl.java:387)
22	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:226)
23	07-06 04:31:39.447 W/AnkiDroid( 5324): ... 30 more
24	07-06 04:31:39.447 W/AnkiDroid( 5324): Caused by: java.security.cert.CertificateException: Signature uses an insecure hash function: 1.2.840.113549.1.1.5
25	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.ChainStrengthAnalyzer.checkSignatureAlgorithm(ChainStrengthAnalyzer.java:111)
26	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.ChainStrengthAnalyzer.checkCert(ChainStrengthAnalyzer.java:74)
27	07-06 04:31:39.447 W/AnkiDroid( 5324): at com.android.org.conscrypt.TrustManagerImpl.checkTrustedRecursive(TrustManagerImpl.java:608)

So, it appears that your device is being very strict about accepting certificates which is sensible, but it also seems to be getting a certificate with Comodo in the chain instead of the Sectigo certificate I see when I probe sync.ankiweb.net

I would triple check all settings and the certificate for the actual URL configured, something is wrong there somehow?

-Mike

[Jeffrey Urban]

I had a similar or the same issue on a new Onyx Boox Note Air. It was taking a very long time to sync, and then syncing only partially, before failing with a similar message to the above during media sync. I was syncing 'Neri's Chinese Course' which contains thousands of audio files. I repeated sync many times with similar results, and it never would complete.

I've now forced a re-sync, pulling from AnkiWeb to replace local content, and the sync completed successfully. It appears the issue resolved itself on my device via the forced re-sync.