Mattermost Peer-to-Peer Forum

[SOLVED] Android App connect to Mattermost team link


#1

Android App from play store doesn’t seem to identify the link for the team on my server. Keeps stating: address does not appear to be a mattermost server.

Any help would be appreciated.


#2

More information:

Problem with hte address does not appear to be a mattermost server - https reroute in nginx config. So obviously issue with https SSL by Letsencrypt. (I converted the CA and CRT to PEM to make it work with desktop browsers. without having to be insecure.)

Since nginx has disabled the reroute, it allows Android APP to connect but as I have gitlab SSO it wont login using gitlab linkbox. No logs are generated that I can find.

So detects server but just doesnt want to use SSO login, Is there a way to push SSO to android app? Seems like having the ability to login to the android app via gitlab login would fix this.


#3

Something tells me its the SSL Letsencrypt not passing handshake over SSO.

Since gitlab is also using same lets encrypt SSL maybe, it wont work over SSO because again handshake issue.


#4

Did you check if Letsencrypt is trusted by your ssl subsystem?
Java, as an example, doesn’t trust Letsencrypt out of the box. You’ll need to add the root ca to trusted certs using keytool --import


#5

Ah yes, I thought i forgot something haha.


#6

Hi @Doug

Logging in to the Android App via SSO is not yet supported.

Feel free to add a feature request if you’d like to see this in the product.


#7

Thx @lindy65 I will make a request.


#8

Thanks @Doug, appreciated!


#9

@Doug

GitLab SSO is supported on Android, You’re probably hitting another issue.


#10

Hi there,

I am also have the problem that the app reports that the adress is not a mattermost server. I was thinking about the nginx redirection causing the error. I removed the redirect and now it is possible to connect via port 80 without invoking the certificate. The cert is a signed valid wildcard certificate for our domain.

Using the IOS app produces a team URL not found.

Any help would be appiciated.

Thanks in advance

Andreas


#11

Having the same problem. I followed the installation instructions for Ubuntu 14.04 including installing letsencrypt with nginx. I can access ssl mattermost using the android browser and is working fine from there. But the app says that the link does not appear to be a mattermost server.


#12

same issue for me. Works fine with Firefox browser/letsencrypt/Apache but application reports: “The address does not appear to be a Mattermost server”


#13

Hi everyone,

Please note that the hosted Mattermost mobile apps on iTunes and Google Play are for Mattermost 3.0 and higher., and support multi-team accounts.

If you’re still on a Mattermost 2.x server without multi-team account support, you would need to either upgrade your server to 3.0 or compile the 2.x mobile apps from their open source repos.

The “The address does not appear to be a Mattermost server” sounds like an error message with using the 3.0 mobile apps with the wrong version server.

The Android error message is not as clear as the iOS one (which talks about incompatible versions), and here’s a PR to fix that for Android..


#14

I have the problem with mattermost client android 3.0.6 and Mattermost edition team 3.0.0 (3.0.2)


#15

I already reported this on github but apparently this forum is preferred, sorry for cross posting.

I’d like to report the same Issue.

Android App Version: 3.0.6

Mattermost Server Version: 3.0.3

The Mattermost server works flawlessly, but when connecting with the
Android App I also get “The address does not appear to be a Mattermost
server”.

The request arrives at port 443 on the server but apparently nginx does
not receive a valid http request, since it does not log anything.

I can provide more Information if needed.

08:41:51.549168 IP (tos 0x0, ttl 64, id 26956, offset 0, flags [DF], proto TCP (6), length 239)

10.1.5.108.38857 > 10.1.2.23.443: Flags [P.], cksum 0xe228 

(correct), seq 1715497096:1715497283, ack 2926661490, win 343, options
[nop,nop,TS val 59834830 ecr 37875980], length 187

0x0000:  4500 00ef 694c 4000 4006 b538 0a01 056c  E...iL@.@..8...l 

0x0010:  0a01 0217 97c9 01bb 6640 6888 ae71 4f72  ........f@h..qOr 

0x0020:  8018 0157 e228 0000 0101 080a 0391 01ce  ...W.(.......... 

0x0030:  0241 f10c 1603 0100 b601 0000 b203 032d  .A.............- 

0x0040:  50eb 7942 6110 fedd c243 7163 5478 06e5  P.yBa....CqcTx.. 

0x0050:  e874 a249 c00f 378f 48b5 ddd9 1f69 8500  .t.I..7.H....i.. 

0x0060:  001a c02b c02f 009e c00a c009 c013 c014  ...+./.......... 

0x0070:  0033 0039 009c 002f 0035 00ff 0100 006f  .3.9.../.5.....o 

0x0080:  0000 001c 001a 0000 1763 6861 742e 6164  .........XXX.XX 

0x0090:  6669 6e69 732d 7379 6772 6f75 702e 6368  SERVERXX.XX 

0x00a0:  0017 0000 0023 0000 000d 0016 0014 0601  .....#.......... 

0x00b0:  0603 0501 0503 0401 0403 0301 0303 0201  ................ 

0x00c0:  0203 0010 0017 0015 0268 3208 7370 6479  .........h2.spdy 

0x00d0:  2f33 2e31 0868 7474 702f 312e 3100 0b00  /3.1.http/1.1... 

0x00e0:  0201 0000 0a00 0800 0600 1700 1800 19    ...............

EDIT: I almost forgot, I’m using a self signed certificate

EDIT: Works with a proper certificate


#16

Hi,
I had same problem , after huge time of research and trying , here are the solution :

I was using godaddy ssl certificate , I had to merge both server.crt and intermediate-certificate.crt into one crt file bundle.crt ,
I used the following command :
cat server.crt intermediate-certificate.crt >> bundle.crt

I used the following command in terminal and than edit the nginx configuration file and changed crt path to the new merged crt.

than restarted nginx :
sudo /etc/init.d/nginx restart

And it worked :slight_smile:


#17

Hello.

I’ve got the same problem as @sheepherd (self signed cert). So, the question is: will mattermost app allow connection if I import local CA (used to sign cert) as trusted CA into the android? This way certificate should become fully verified and the app should connect to the server without any trouble? Am I right?


#18

So I fixed my problem. don’t know if this is what others are experiencing but in mattermost-ssl ssl_certificate points to cert.pem but should be changed to fullchain as in the documentation. there may be a difference in ciphers too. Here is what worked for me:

server {
   listen         80;
   server_name    mattermost.example.com;
   return         301 https://$server_name$request_uri;
}

server {
   listen 443 ssl;
   server_name mattermost.example.com;

   ssl on;
   ssl_certificate /etc/letsencrypt/live/yourdomainname/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/yourdomainname/privkey.pem;
   ssl_session_timeout 5m;
   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
   ssl_prefer_server_ciphers on;
   ssl_session_cache shared:SSL:10m;

   location / {
      gzip off;
      proxy_set_header X-Forwarded-Ssl on;
      client_max_body_size 50M;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_set_header Host $http_host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Frame-Options SAMEORIGIN;
      proxy_pass http://app:APP_PORT;
   }
}

Could be other differences too like the SSL listen port. But using this with my domain name instead of just changing my domain name in the existing file works.


#21

The issue seems fixed, even though I did not update or did anything to the server that I can remember would fix it. I did notice the app now displays the option to select https or http before entering the mm url.


#22

This didn’t work for me unfortunately… I’m wondering if anyone has got any other ideas for this on a docker based instance?