From 55c146cf56ba09872bb0670ec7fc4979e6ecb154 Mon Sep 17 00:00:00 2001 From: M66B Date: Tue, 9 Mar 2021 19:51:59 +0100 Subject: [PATCH] Updated FAQ --- FAQ.md | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/FAQ.md b/FAQ.md index a4cc0fd431..8eabb90328 100644 --- a/FAQ.md +++ b/FAQ.md @@ -443,14 +443,23 @@ This will "pin" the server certificate to prevent man-in-the-middle attacks. Note that older Android versions might not recognize newer certification authorities like Let’s Encrypt causing connections to be considered insecure, see also [here](https://developer.android.com/training/articles/security-ssl). +
+ *Trust anchor for certification path not found* *... java.security.cert.CertPathValidatorException: Trust anchor for certification path not found ...* means that the default Android trust manager was not able to verify the server certificate chain. -You should either fix the server configuration or accept the fingerprint shown below the error message. +This could be due to the root certificate not being installed on your device +or because intermediate certificates are missing, for example because the email server didn't send them. -Note that this problem can be caused by the server not sending all intermediate certificates too. +You can fix the first problem by downloading and installing the root certificate from the website of the provider of the certificate. + +The second problem should be fixed by changing the server configuration or by importing the intermediate certificates on your device. + +You can pin the certificate too, see above. + +
*Empty password*