I can not connect to jitsi with the Android app

For this to work you need a working DNS that is used for your deployment. If you are just using ip-addresses it will not work. Then you maybe able to use mobile devices if you get the certificates that are used and transfer it to every mobile device that will be using it and install the certificates there.

Hi
I have installed Jitsi-meet on Ubuntu18 with nginx in AWS on an EC2.
After tweaking the config for NAT internal/external IP and after letsencrypt I got it to work … mostly.
Two Problems

  1. As mentioned here, Android app is not working with my deployment, but iOS app works great.
    meet.jit.si works with my Android device, so it is not the device.
    I can share my domain via DM if someone can take a look.

  2. I see lipsync issues. Could you share all config settings that you use on meet.jit.si?
    The config filenames and the parameters in each file.

And you guys rock and build awesome software here.

Check the browser on that Android opening the page of the deployment, do you see a warning? Check whether the full chain of certs is installed on the server …

I did install the full chain cert. And I dont see any warnings, but I also dont get to the javascript console. The info button says, all SSL stuff looks good.

Btw I use an url: https://jitsi..de

Could this be a problem, does it need to start with “meet.”?

I will send you the url as DM.

Is there any one who used jitsi meet in local server and connected via android app?
I try many days to make connection with jitse meet local server with self signed certificate but it gives me (failed to load config from https://10.20…) typeerror:network request failed)

I had the same problem in with my custom instalation. To work you need to install the full certificate chain on the web server. After we added all other certificates to the CRT file used by nginx on the server the app started connecting.
If you are using nginx too, these links migth help:

2 Likes

I had the same problem in with my custom instalation. To work you need to install the full certificate chain on the web server. After we added all other certificates to the CRT file used by nginx on the server the app started connecting.

We are working in a local network with no internet at all in the future.
We already chain the (nginx server, all certificate in prosody server) and we added in the web server and added to android Mobil trust store but we have same error

Hi damencho,
i have valid wildcard SSL Certificates, but i still get error reconnect when using Android Mobile. For test send me inbox to test my server

Are you serving the certificate’s fullchain?

no,
iam using only certificate file and certificate key. are cssl chain is needed?

1 Like

I think so, yes.

Thanks for your information,
i was try and success :heart_eyes:

Excellent!

Hello…
I can not connect my homelab docker installation with a Android 7.0 device, but other devices works fine. The mobile firefox in desktop mode connects also.
No certificates warning in Firefox or Chrome occurs.
Is the full cert chain in usage inside the docker installation with automatic lets encrypt cert generation or can I enable the full certchain there? (I guess yes, because in .jitsi-meet-cfg/web/nginx/ssl.conf is the fullchain.pem used)

Maybe there are other hints to get android 7.0 with jitsi app working…

Many Thanks in advance!

All right - the analysis of meet.jit.si (https://www.ssllabs.com/ssltest/analyze.html?d=meet.jit.si&s=76.223.28.75 ) gave the hint - in comparison with the very well hardened docker default install are some ciphers more allowed. The logs of the docker container are silent about that.
When You use the default of the included nginx “version: nginx/1.10.3” the ciphers “HIGH:!aNULL:!MD5 ” then You are able to use the Jitsi meet app at android 7.0.
I guess it uses parts of android, that firefox and chrome not use.

Short hint for german speakers:
Wenn es mit die Jitsi App auf Android 7.0 nicht mit der Jitsi docker installation funktionierten will, dann muss man:
- Jitsi docker container stoppen
cd ~/docker-jitsi-meet
docker-compose down
- nginx Webserver Konfiguration für ssl anpassen
vi ~/.jitsi-meet-cfg/web/nginx/ssl.conf
—> #ssl_ciphers ECDHE-RSA-A… auskommentieren
- Jitsi docker wieder starten
docker-compose up -d

So, are the following accurate conclusions?

  • You cannot connect Android devices to a Jitsi server unless the Jitsi server has a registered domain name and full chain certificates.

  • A Jitsi server using an IP cannot accept connections form an Android device.

The consequence of the above conclusions is that a person wishing to deploy a Jitse server has to purchase or already own a domain name from a domain registrar in order to serve Android clients. I take it this is an Android requirement that cannot be overcome. A very subtle domain name registrar “tax”, if you will – all in the name of security.

you need to verify domain from this link https://www.digicert.com/help/

thank @agustusburg for you comment, it work to me,
Efectivamente comentar en docker el tipo de cifrado , resuelve el problema de compatibilidad aunque puede abrir un hueco de seguridad.

I even have the full certificate chain in my nginx config, but still the android app fails to connect.
It shows me " ConnectionError.other ", dont know what this is supposed to mean. When I searched for it I ended up in this thread, but I already have the certificates installed correctly