We've setup the certificates on our server and when requesting https://www.ourserver.org, Android (whatever the browser used) shows a little popup
You need to set a lock screen pin or password
before you can use credential storage
Which is wrong, it seems that the phone is trying to register that certificate..?
It does happen only on Android so far it's fine on iPhone and desktop browsers
our Stunnel config:
[www.ourserver.org]
cert = /etc/stunnel/certs/www.ourserver.org.crt
key = /etc/stunnel/keys/www.ourserver.org.key
CAfile = /etc/stunnel/certs/www.ourserver.org.intermediate.crt
accept = 10.10.54.2:9443
connect = 10.10.54.2:9444
verify=1
xforwardedfor = yes
TIMEOUTclose = 0
cert
file is issued by RapidSSL. The intermediate CAfile
contains both: the intermediate certificate first and cert certificate
.
Any idea of what went wrong on our certificate config ?
If I go through the process of securing my phone with a lock screen, accessing the same page then shows
No certificates found
The app Chrome has requested a certificate.
Choosing a certificate will let the app use this
identity with servers now and in the future. The
app has identified the requesting server as (...),
but you should only give the app access to the
certificate if you trust the app. You can install
certificates from a PKCS#12 file with a .pfx or a
.p12 extension located in external storage."
This same thing happened to me when I was installing my certificate on my Android Tablet.
Hope this helps.