Dear all,
I have successfully built an android app and installed the apk on a tablet. However, on startup, I just see a blank page.
I can access the webapp with the browser, the server is running.
What could this problem be?
Many thanks.
Dear all,
I have successfully built an android app and installed the apk on a tablet. However, on startup, I just see a blank page.
I can access the webapp with the browser, the server is running.
What could this problem be?
Many thanks.
Hi @raf!
Have your ensured you set the <string name="app_host">
value correctly in your APK? Check the “New Brand” section of our Android Flavors page to see the specifics.
As well, if you haven’t already, it’s great to hook up your device to be able to view detailed logs which can help debug situations like this.
Good luck and let us know how it goes!
Hello @mrjones,
Thank you for your reply. Yes, the app_host is set correctly. I have recorded some logs as you suggested.
Please find the output.
It seems to be a connection problem.
beginning of main
03-31 22:08:40.175 22509 22509 E chromium: [ERROR:network_service_instance_impl.cc(179)] Failed to grant sandbox access to network context data for /data/user/0/org.medicmobile.webapp.mobile.msfecare/app_webview/Default with result 7: No such file or directory (2)
03-31 22:08:40.468 22509 22556 E chromium: [ERROR:ssl_client_socket_impl.cc(976)] handshake failed; returned -1, SSL error code 1, net_error -202
03-31 22:10:08.585 22605 22605 E chromium: [ERROR:network_service_instance_impl.cc(179)] Failed to grant sandbox access to network context data for /data/user/0/org.medicmobile.webapp.mobile.msfecare/app_webview/Default with result 7: No such file or directory (2)
03-31 22:10:08.885 22605 22659 E chromium: [ERROR:ssl_client_socket_impl.cc(976)] handshake failed; returned -1, SSL error code 1, net_error -202
--------- beginning of kernel
03-31 22:15:34.927 22881 22881 E chromium: [ERROR:network_service_instance_impl.cc(179)] Failed to grant sandbox access to network context data for /data/user/0/org.medicmobile.webapp.mobile.msfecare/app_webview/Default with result 7: No such file or directory (2)
03-31 22:15:35.227 22881 22939 E chromium: [ERROR:ssl_client_socket_impl.cc(976)] handshake failed; returned -1, SSL error code 1, net_error -202
@raf - Thanks for the log info!
I’m seeing a lot of SSL errors in the log. Can you please confirm you’re using a valid TLS certificate on your instance?
If you’d like a free certficiate that doesn’t need DNS custom entries, check out either the add-local-ip-certs-to-docker.sh script for local or self hosted docker based deployments or our nginx-local-ip solution if you’re running a development environment.
Once you have this certificate installed, you can use the IP in the URL of your APK. So if your IP is 192.169.0.22
, the URL would be https:192-169-0-22.my.local-ip.co
.
Hi @mrjones
Yes, I am using a valid TLS certificate. You can check for yourself, when visiting our CHT instance on the web:
https://uat-msfecare.msf.org/
It is working perfectly, and there are no errors concerning the certificate.
I have rebuilt the entire app from scratch, but the same sandbox error persists.
[ERROR:network_service_instance_impl.cc(179)] Failed to grant sandbox access to network context data for /data/user/0/org.medicmobile.webapp.mobile.msfecare/app_webview/Default with result 7: No such file or directory (2)
03-31 22:08:40.468 22509 22556 E chromium: [ERROR:ssl_client_socket_impl.cc(976)] handshake failed; returned -1, SSL error code 1, net_error -202
another difference that I have observed is that other flavors have a file AndroidManifest.xml
in the folder
cht-android/src/new_flavor/AndroidManifest.xml
Mine has not. But it is not part of the documentation to create one, so I didn’t.
Ah - interesting! I think while some clients, like the browser(s) you’re testing with, may be fine with the TLS configuration, it looks like you maybe are missing your intermediate certs so there’s a chaining issue?
I see SSL Labs reports it is “Incomplete”:
Additional Certificates (if supplied)
Certificates provided 1 (1357 bytes)
Chain issues Incomplete
And openssl
reports “unable to get local issuer certificate”:
openssl s_client -connect uat-msfecare.msf.org:443
CONNECTED(00000003)
depth=0 CN = uat-msfecare.msf.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = uat-msfecare.msf.org
verify error:num=21:unable to verify the first certificate
verify return:1
---
Can you check you have all the correct certificates and the most recent chaining certificates?
Wow! I guess I don’t.
I have received those keys and did not make them on my own. They came bundled in a .pfx
file.
From this I extracted the default.key
with the command
openssl pkcs12 -in FILENAME.pfx -nocerts -out encrypted_default.key
and default.crt
with
openssl rsa -in FILENAME.pfx -clcerts -nokeys -out default.crt
Finally I decrypted default.key
with
openssl rsa -in encrypted_default.key -out default.key
Maybe I must do that differently.
I have solved this issue by taking a new Letsencrypt Challenge. This generated the necessary keys. As I am not a SSL pope, I cannot say whether these certificates are new or just the existing ones have been reissued. Most important: it is working.
Raf - that’s great news! I’m glad to hear you resolved it. I’m guessing one of the files that got generated contained the missing chain file. Either way - glad it’s all working.
(PS - now you have me wondering what the mitre of the SSL pope would look like )
@raf, @mrjones
I have an app that has been working, from Friday, I noted an issue I can see the home tab but no places selected, thus users cant register clients and perform case investigation using the CIF forms in the app as shown below:
I have logged in as the admin, cant see the places but can see the completed forms. Users (CHVs and CHAs) can login, but cant see the places assigned to them, thus cant perform any action on the app, now receiving calls from everywhere…
I correctly configured the SSL certificate and the connection is secure, any idea what could be wrong?
Hi @oyierphil
What you are seeing is unlikely a certificate problem, since reports are loading . My guess is that you’re having issues with your contacts / hierarchy.