Disroot email not working on Android apps

I have been using Disroot email with both K9 and Delta Chat on my Android 6.0.1 device for over a year with no problems. Sometime in the last week or two, both apps have stopped receiving new messages from the Disroot mailserver. I can still send email from K9 (not DC) and the web browser on the device can reach mail.riseup.net, so it doesn’t appear to be a DNS problem. Maybe a problem with the connection settings for IMAP?

Any suggestions (other than get a newer Android :wink: ?

Hey @strypey long time dont read. How are ya.
What Android version you are using. Perhaps the issue is with the change of letsencrypt root cert that changed last week?

Android version is 6.0.1

Perhaps the issue is with the change of letsencrypt root cert that changed last week?

The timing is about right. Is there any way we can test that?

@muppeth FYI Today I couldn’t get webmail to connect on one of my laptops either. It’s running Trisquel 8 (based off Ubuntu 16.04) and running an apt update spewed a bunch of ssl-related error messages. I’m wondering if this could all be connected?

Could very much be the fallout of the recent change at letsencrypt DST Root CA X3 Expiration (September 2021) - Let's Encrypt

OK @muppeth Is there anything I can do to get Delta Chat working with Disroot mail again? It’s become an important day-to-day communication channel for me.

Hi,
I will be working on this starting from evening (CET) try to stil provide comatibility with older devices (had some non-disroot related priority work this week which is very bad timing), but in most cases, it’s the distros that should updated their root cert packages. I will dig around, read about this because this change in letsencrypt root cert has caused major issues all over the internet and try to make everyne happy. I will work on it as prio, and will keep you posted about it either here or will make seperate git issue to track the progress.

1 Like

Hi!

Just a tip:

You can use BuyPass instead of LE - Free TLS-certificates that you can get over ACME with certbot and valid for 180 days. I think that Android down to 2.8 supports it too.

@muppeth could the Buypass certificates suggested by @selea be the solution to this problem?

I have to check but i dont want to move away from letsencrypt. Afaik you could install the new root cert from letsencrypt?

···

On Saturday, 23 October 2021, strypey via Disroot - Forum wrote:

@muppeth could the Buypass certificates suggested by @selea be the solution to this problem?


Visit Topic or reply to this email to respond.

You are receiving this because you enabled mailing list mode.

To unsubscribe from these emails, click here.

On my Android? How would I do that?

Sorry this is taking so long.
Started thread on our issue board:

1 Like

Just brainstorming here, but … what about including the necessary certs in the Disroot app, and somehow getting email apps to get them from there, could that work? Or getting the certs included in the F-Droid client somehow?

Do you have any links to documentation on this that you could post on that issue tracker thread linked by @muppeth ?

Is it necessary to switch all certificates to BuyPass (or other CAs)?

https://ssl-tools.net/subjects/72c74580524922e9a5b62e238cb16cd887402dde

I dont have a old device to test with sadly,
Anyway, you are not able to install other Root-Certificates? I remember that I did it for my self-signed certificates a couple of years back

@selea Do you mean on the server or on my device? If it’s the latter, how do I do that?