Hi all,
I'm writing this email about an issue we recently faced in the
Wikimedia Commons Android app. The beta flavour[1] of the Commons app
connects to the Wikimedia Commons beta cluster[2]. When trying to
log-in to the beta cluster using valid credentials we get the
following error[3]:
javax.net.ssl.SSLHandshakeException: Chain validation failed
We get this error when trying to do the following API call:
https://commons.wikimedia.beta.wmflabs.org/w/api.php?format=json&format…
This seems to be a problem only when making the API call to get the
login token from the app (IIUC, we use OkHttp to make the API call).
The same API call succeeds without issues when done using the browser.
We're not sure what's causing this issue. We've stopgapped the
issue[4] for the mean time but we would like to identify the actual
problem and fix it. It would be nice if someone could help us with
identifying the problem. If there's a better place or person to
contact about this issue please let us know.
As the stopgap fix has been merged, the beta version built from the
latest source in 'master'[5] would not have the issue described above.
The source that has the issue can be found at [6].
Notes and references
[1]: It's different from the beta version released in Play store.
[2]:
https://commons.wikimedia.beta.wmflabs.org
[3]: Unable to login #3320 -
https://github.com/commons-app/apps-android-commons/issues/3320
[4]:
https://github.com/commons-app/apps-android-commons/pull/3349 and
https://github.com/commons-app/apps-android-commons/pull/3350
[5]:
https://github.com/commons-app/apps-android-commons/tree/master
[6]:
https://github.com/commons-app/apps-android-commons/tree/fe56cefdbca21125e9…
Thanks,
Sivaraam