Feature #1240
closedSSL certificate error prevents downloads from scielo.br on Android 9
0%
Description
- 3.18.1 fdroid
- 2 methods
- method 1
- on left side of bottom page_ tap three dot_ pdfs_ portuguese or english
- method 2
- tap pdf [ below table of contents ]
- tap download "download pdf (portuguese)" or "download pdf (english)
- both of them failed to download with ioexception error for above 2 methods
- domain settings_ *.scielo.br_
javascript, cookies, dom storage enabled
- attachments_ pberror.log (log of app when i tried to download both files using 2 methods)
Files
| pberr.log (446 KB) pberr.log | log of app when i tried to download both files using 2 methods | ||
| 3dot.png (103 KB) 3dot.png | download failure using 3 dot | ||
| menu.png (122 KB) menu.png | download failure using pdf menu | ||
| time.png (98 KB) time.png | shows device time and ist time on webpage | ||
| ssl.png (124 KB) ssl.png | ssl certificate errors |
Updated by Soren Stoutner about 2 months ago
- Subject changed from unable to download pdf files on scielo.br to Unable to download pdf files on scielo.br
- Status changed from New to Feedback
- Assignee set to Soren Stoutner
- Priority changed from 3.x to Next Release
I am able to download a PDF without error using either of the methods described above. Can you please post the entire ioexception error you receive?
Updated by Soren Stoutner about 2 months ago
You are receiving an SSL certificate error.
1. Do you receive an SSL certificate warning when you load the website (I don't on my device, but you might on yours)?
2. Which version of Android are you running?
3. Have you made any changes to your device that might affect verifying SSL certificates, like modifying the OS Certificate Authorities?
4. Can you verify that the date is set correctly on your device?
Updated by Soren Stoutner about 2 months ago
- Subject changed from Unable to download pdf files on scielo.br to SSL certificate error prevents downloads from scielo.br
Updated by jindam vani about 2 months ago
Soren Stoutner wrote in #note-3:
You are receiving an SSL certificate error.
1. Do you receive an SSL certificate warning when you load the website (I don't on my device, but you might on yours)?
yes, please find attachment_ ssl.png
2. Which version of Android are you running?
- android 9
- data copied from "about pb version"
Privacy Browser Version 3.18.1 (version code 75) Hardware Brand: samsung Manufacturer: samsung Model: SM-J701F Device: j7velte Bootloader: J701FDDUACUG2 Radio: J701FXXUACUF1,J701FXXUACUF1 Software Android: 9 (API 28) Security Patch: 2021-04-01 Build: PPR1.180610.011.J701FDDUACUG2 Kernel: 3.18.91-16078765 WebView Provider: com.google.android.webview WebView Version: 130.0.6723.58 Memory Usage App Consumed Memory: 35.44 MiB App Available Memory: 1.01 MiB App Total Memory: 36.44 MiB App Maximum Memory: 192.00 MiB System Consumed Memory: 1,369.46 MiB System Available Memory: 431.21 MiB System Total Memory: 1,800.68 MiB Filter Lists EasyList: 202407182236 EasyPrivacy: 202407182236 Fanboy’s Annoyance List: 202407182240 Fanboy’s Social Blocking List: 202407182236 UltraList: 1 UltraPrivacy: 3 Package Signature Issuer DN: CN=FDroid, OU=FDroid, O=fdroid.org, L=ORG, ST=ORG, C=UK Subject DN: CN=FDroid, OU=FDroid, O=fdroid.org, L=ORG, ST=ORG, C=UK Start Date: 17-Apr-2016 1:44:13 PM IST End Date: 03-Sep-2043 1:44:13 PM IST Certificate Version: 3 Serial Number: 166629308 Signature Algorithm: SHA256withRSA
3. Have you made any changes to your device that might affect verifying SSL certificates, like modifying the OS Certificate Authorities?
no
4. Can you verify that the date is set correctly on your device?
yes, please find attachment_ time.png
Updated by Soren Stoutner about 2 months ago
- Status changed from Feedback to Closed
I receive the same SSL Certificate Authority error when testing in an emulator running Android 9. I suppose that isn't completely surprising, as Android 9 is no longer supported by Google, which means that it no longer receives updates to the list of Certificate Authorities.
https://en.wikipedia.org/wiki/Android_version_history
There are a few things I can note about this.
1. Privacy Browser currently does not support downloading a file over a connection that produces an SSL error. There is an existing feature request to add that behavior, which I intend to eventually implement, but probably not anytime in the immediate future.
Feature #708: Allow Save URL to connect to invalid SSL certificates
2. You might be able to work around this problem by importing the Certificate Authority into Android's CA store. A while back I wrote some instructions for doing this for the ISRG Root X1 CA, which you can probably adapt to your needs. Note that you need to import the GlobalSign GCC R6 AlphaSSL CA 2023, not the certificate issued by that CA to the website.
https://www.stoutner.com/lets-encrypt-isrg-root-x1-and-privacy-browser/
3. If you are greatly concerned about your online privacy (I understand that not everyone is or needs to be, and that many people use Privacy Browser for reasons other than privacy), you should upgrade to a newer version of Android that receives security support. There is only so much that Privacy Browser can do to protect your privacy on an unpatched OS.
Updated by Soren Stoutner about 2 months ago
- Subject changed from SSL certificate error prevents downloads from scielo.br to SSL certificate error prevents downloads from scielo.br on Android 9
I should probably also note that you might be able to work around this problem by the Download Provider to be an external app in Privacy Browser's Settings. Then see if you can find an app that supports bypassing SSL certificate errors.