Please check out the English help page (or the German Hilfe) first before posting.

Notifications
Clear all

https pages not accessible with Firefox on Android 11  

  RSS

Active Member
Joined: 11 Monaten ago
Posts: 11
21/11/2020 12:13 pm  

Smartphone Google Pixel 4A, Android 11, https pages are partly not reachable with Firefox Ver. 83.1.0 and Fennec Browser Ver. 82.1.1, error message: "Secure connection failed", no display symbol Controlbar.

https pages Example: whisky.de, dasoertliche.de, mindfactory.de, mobilsicher.de, startpage.com etc. ........

Chrome Browser, InBrowser and SmartCookie Browser no error message, Symbol Controlbar is displayed

Certificate included after instruction, MAC address of the device is used !! TOR and VPN deactivated.
eBlocker Dashboard shows with certificate present: "!" on red background.

Raspberry Pi 4 B 4GB RAM, eOS 2.5.6, FilterList Nov. 21, 2020, Network Mode (Auto), Mask 255.255.255.0, Router Fritzbox 7560 Gateway 192.168.178.1, eBlocker DNS-Firewall external 1.1.1.1,

On my old smartphone Sony Xperia Android 9 I did not have these problems.


Quote
Member
Joined: 11 Monaten ago
Posts: 181
21/11/2020 1:14 pm  

Hi,

how long is your certifikate valid?

3 our 2 years?

 

regards

PIO78


ReplyQuote
Active Member
Joined: 11 Monaten ago
Posts: 11
21/11/2020 4:07 pm  

@pio78

Hello thanks for answer

The.certifikate is valid for 3 years, started at 13.09.2020

Thomas


ReplyQuote
Member
Joined: 11 Monaten ago
Posts: 181
21/11/2020 4:20 pm  

@thomasbeier-team-de

generate a new certificate that is only 2 years valid.

I hope this may help ...

 

Please tell me

 

regards

PIO78


Random liked
ReplyQuote
Member
Joined: 12 Monaten ago
Posts: 597
21/11/2020 4:36 pm  

@thomasbeier-team-de I thought with 2.5.x root cert is 2yrs by default. Did you change it by chance? Or it might be a bug? 🤔 

THX!


ReplyQuote
Active Member
Joined: 11 Monaten ago
Posts: 11
22/11/2020 11:57 am  

Thanks for your answers. Will create a new certificate and then report.
But I have put the Raspberry Pi 4 with the final version of eOS into operation on 13.09.2020 and on that day I also created the certificate with the duration of 3 years.
Let's see if the new certificate will be created for only 2 years.
Maybe today, but I will have to reinstall the certificates on 2 laptops, 2 smartphones and 1 PC........ 😉


ReplyQuote
Active Member
Joined: 11 Monaten ago
Posts: 11
22/11/2020 5:52 pm  

Hello

Now I have renewed the certificate in the eBlocker under Settings, HTTPS, Duration under Settings set to 2 years.

In the Smartphone (Android 11) I have installed the new certificate under Settings > Security > Advanced > Encryption and Logon Data > Install a Certificate > CA Certificate.
This certificate appears then under Settings > Security > Advanced > Encryption and Logon Data > Trusted Logon Data > Users, also.

I also installed the new certificate under Settings > Security > Advanced > Encryption and Credentials > Install a Certificate > WLAN Certificate.
This then appears under Settings > Security > Advanced > Encryption and Credentials > User Credentials.

Then the same way under Settings > Security > Advanced > Encryption and Credentials > Install a Certificate > VPN & App User Certificate, then the error message appears: File cannot be used, This file cannot be used as VPN & App user certificate.

Unfortunately all without success !!!
The described error still occurs. Now I do not know any more.

Greetings Thomas


ReplyQuote
Active Member
Joined: 11 Monaten ago
Posts: 11
23/11/2020 9:08 pm  

Hello love community
One more try ...
I downloaded the current image of the eBlocker OS and installed it on a new SD card. But even after starting the OS and embedding the certificate on my smartphone I still get the same error. (See above)

I noticed that the default setting for the duration of the certificate is 3 years.

Doesn't anybody have an idea what can be done or where the mistake lies?

Greetings Thomas


ReplyQuote
Famed Member
Joined: 11 Monaten ago
Posts: 371
23/11/2020 10:18 pm  
Posted by: @thomasbeier-team-de

In the Smartphone (Android 11) I have installed the new certificate under Settings > Security > Advanced > Encryption and Logon Data > Install a Certificate > CA Certificate

The duration of eBlocker‘s root certificate is OK with three years. In 2.4 the validity of the „on the fly“ signed website certificate was wrong. So this is all good. @random might got mixed up here 😉 

Now, I‘m not on Android. But granting the eBlocker certificate root (full CA status) is essential. With iOS Apple has some extra hurdle implemented a user has to take. With Android there might be something similar. Each single step of the described certificate installation process must be followed. 

Even you have done it: Please try anew and follow the wizard’s instructions carefully. There might be a last step (to grant CA root status) you have overseen.

BTW: It‘s enough to follow the instructions and it‘s not helpful to add eBlocker‘s root certificate in other places (as you discussed i.e. VPN & user certificate). The described error is expected as it‘s not a user certificate (but a CA root cert).

Hope this helps.


Random liked
ReplyQuote
Active Member
Joined: 11 Monaten ago
Posts: 11
24/11/2020 9:07 pm  

Thanks Benne for your personal answer, but now this:

On your advice, I have carried out all the steps once again in detail.
I have renewed the certificate in eBlocker under Settings, HTTPS, Certificate, renewed, leave the term standard 3 years.

In the new smartphone (Google Pixel 4a) I have deleted all old eBlocker certificates and installed the new certificate only under Settings > Security > Advanced > Encryption and Logon Data > Install a Certificate > CA Certificate.

After that it appears under Settings > Security > Advanced > Encryption and Logon Data > Trusted Logon Data > Users, but not under Settings > Security > Advanced > Encryption and Logon Data > Trusted Logon Data > System. So I guess it is not installed as a root certificate. Android apparently prevents this !!! ???

By the way, after deleting all certificates in my old Sony Smartphone and reinstalling it, the same error occurs there.

Remember: Error message: "Secure connection failed", and no display of the icon Controlbar.
Concerns only Firefox, current version, for Android with "Improved protection against activity tracking" turned off

https pages examples: whisky.de, dasoertliche.de, mindfactory.de, mobilsicher.de, wikipedia.org etc. ........


ReplyQuote
Member
Joined: 12 Monaten ago
Posts: 597
24/11/2020 9:34 pm  

@thomasbeier-team-de I‘m in a Google free zone - so not Android, sorry.
But searching for your issue I found this which might help: https://stackoverflow.com/questions/61386312/cant-install-ca-certificate-on-android-11#62465897

You might want to consider stepping back from Google if you value you privacy... 🤔

Remember: If you buy cheap you probably pay a lot... 😉 

THX!


ReplyQuote
Active Member
Joined: 11 Monaten ago
Posts: 11
25/11/2020 9:40 am  

Hello

I guess there's nothing you can do about it 😉
I have now deactivated the HTTPS support via WLAN for the smartphone and only enabled the VPN service.

Unfortunately the error has now also occurred with my old Sony Smartphone with Android 9.
Both under eOS 2.5.6 on Raspberry Pie 4 and on my company eBlocker under eOS 2.4.5 on Raspberry Pie 3.
On the Sony Smartphone you can still use the certificate as "VPN and Apps", and "WLAN".
See instructions https://eblocker.github.io/help/de/360002342774.html

Maybe there will be a solution for Android users some day.

Thanks for the answers, see you soon.
Thomas


ReplyQuote
Member
Joined: 12 Monaten ago
Posts: 597
26/11/2020 8:38 pm  

@thomasbeier-team-de I can‘t judge or help about Android but v9 should rather work 🤔 

Well, but there is good news: even if https is not enabled you still get 90-95% protection from trackers/ads by the DNS based blocker which automatically kicks in... 😉 

THX!


ReplyQuote
Scroll to Top