Mobile app not working

I have created a clean install of Ubuntu and Jitsi using the new video guide. It works fine. I have installed the Letsencrypt (certbot) certificate and this is showing as a valid certificate in a web browser.

When I try to connect the Android app (on Samsung Note 9 with the Android Pie update) I get a red screen saying ‘Unfortunately, something went wrong’ …

Connections using web browsers work fine (except when using a web browser on an adroid device).

Here it suggests a missing valid TLS certificate - but I have the certbot certificate and that works fine on the web pages
This 7 day old thread (as @2019-02-14) which has had no reply yet appears to be the same issue.

I have opened ports as instructed, tcp 443 and 80, upd 10000:20000. It doesn’t matter if I try it using an internal connection bypassing the network-edge firewall or try using an external inbound connection, the result is the same. I am using a FQDN (with a split DNS, so the internal connection should work). I can connect to the Jitsi test site fine using the app, but not my own server. I have also checked that the ufw firewall has those ports open (again) and the ports list is taken from that status report - so the issue is NOT the edge firewall.

Be grateful for your help.

If its working from the web browser the problem is not the ports. Have you tried from another phone? Do you have the problem?
Check whether the whole chain of certificates is used for the web server.

I have just checked with an older phone with the same results, but I doubt that is the issue as the phone connected fine to the test session at https://meet.jit.si/

I am therefore wondering about the cert chain as you suggested. Not too sure how to check this. Please advise/point me at a guide. Thank you.

Just saw this: https://whatsmychaincert.com/ can you try it?

So there is a broken chain - it times out … I checked all my other servers and they work fine and give a ‘correct chain’ response. I will have to look at this some more tomorrow as I have to go to a meeting now. Will post back tomorrow.

I have now gone and checked the /etc/ssl directory and there is no certifcate or key showing for the domain name.

The https webpage shows that a certificate is issued and working, so there clearly is something that has not happened with the certficate issue using the install guide procedures.

Can you please advise what should be where when using the basic install as per the new video. I am NOT using either Apache2 or Nginx as the web server if that is important.

Thank you

When using jetty the certs are in jks store, which is /etc/jitsi/videobridge/$DOMAIN.jks: https://github.com/jitsi/jitsi-meet/blob/master/resources/install-letsencrypt-cert.sh#L92

The let’s encrypt certs are under this folder /etc/letsencrypt/live/ : https://github.com/jitsi/jitsi-meet/blob/master/resources/install-letsencrypt-cert.sh#L36

/etc/jitsi/videobridge/$DOMAIN.jks does exist, but when I try to view it using nano it is apparently an encrypted file (or possibly a compiled file) - but it is there.

/etc/letsencrypt/live/ has cert, chain, fullchain and privkey.pem files that all look right, but I have no idea how to actually validate any of these.