element-hq/element-android

Element Android tries to reach standard https port (443) even when homeserver I choose has a different port specified


Steps to reproduce

  1. Run any matrix server on a port other than 443 (For example: 16443), with HTTPS.
  2. Launch Element Android.
  3. Enter homeserver address (as in: domain:16443) when asked and press Next.

Outcome

What did you expect?

Element Android only reaches out to port 16443 to communicate with homeserver, and I only need to trust one self-signed certificate (My homeserver certificate) on my phone.

What happened instead?

Element desktop reaches out to both port 16443 and port 443 to communicate with homeserver, and asked me to explicitly trust TWO certificates (first the certificate on the broadband router, then my homeserver certificate) before I can continue, which makes me extremely nervous, thinking that I am being actively eavesdropped.

Element Android first prompted me to trust a certificate with a fingerprint I had not seen (only later did I recognize it on my broadband router). I want to NOT trust this certificate, but this is the only way I can continue setting up.

First screenshot, showing a certificate fingerprint I don't recognize.

After clicking TRUST, a second self-signed certificate prompt showed up, prompting me to trust this certificate. This fingerprint represents the certificate I installed on my homeserver.

Second screenshot, showing the certificate I installed on my homeserver

A similar issue exists in Element Desktop but is more concealed because it's only logged in the terminal when started from the command line.

Your phone model

Xiaomi 8

Operating system version

Android 13

Application version and app store

Element Android 1.6.14 F-Droid variant

Homeserver

conduit 0.7.0, but it should not matter; this problem should be reproducible even if I only have nginx set up

Will you send logs?

No

Are you willing to provide a PR?

No

element-hq/element-desktop#1660 (comment)

Turns out that specifying https:// is necessary to only talk to the specified port, as specified by the spec.
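To make the behaviour in this thread concrete, here is an added, offline model of the Matrix client-server discovery step. It is not Element's code; it is a reading of the spec's well-known discovery procedure written for this issue. It assumes that a server name typed without a scheme triggers a lookup of `/.well-known/matrix/client` on the hostname alone (port 443), that an explicit `https://` input is taken as the base URL directly, and that a client falls back to `https://<input>` when well-known returns nothing. Hostnames and the well-known body are constructed; no network requests are made.

```python
"""Model of which URLs (and therefore which ports) a spec-following Matrix
client would contact for a given homeserver field input.

Assumptions (not taken from Element's source):
  * input without a scheme is a Matrix server name -> well-known lookup on
    https://<hostname>/.well-known/matrix/client, i.e. port 443;
  * input with an explicit scheme is used as the base URL as-is;
  * when well-known yields no base_url, the client falls back to
    https://<input> (labelled as an assumption).
"""
import json
from urllib.parse import urlsplit

WELL_KNOWN_PATH = "/.well-known/matrix/client"
VERSIONS_PATH = "/_matrix/client/versions"


def split_server_name(server_name):
    """Split a Matrix server name into (hostname, port or None)."""
    host, sep, port = server_name.rpartition(":")
    if not sep or not port.isdigit():
        return server_name, None
    return host, int(port)


def base_url_from_well_known(body):
    """Extract m.homeserver.base_url from a well-known JSON body, else None."""
    if body is None:
        return None
    try:
        return json.loads(body)["m.homeserver"]["base_url"].rstrip("/")
    except (ValueError, KeyError, TypeError, AttributeError):
        return None


def plan_requests(user_input, well_known_body=None):
    """Return the URLs the client would contact, in order.

    user_input: what the user typed into the homeserver field.
    well_known_body: constructed JSON text the well-known lookup would
    return; None simulates a missing or failed well-known response.
    """
    if user_input.startswith(("https://", "http://")):
        # Explicit base URL: no discovery, only the given host:port is used.
        return [user_input.rstrip("/") + VERSIONS_PATH]

    hostname, _port = split_server_name(user_input)
    # Discovery uses the hostname only, so this request goes to port 443
    # even when the server name carries a different port.
    urls = ["https://" + hostname + WELL_KNOWN_PATH]

    base = base_url_from_well_known(well_known_body)
    if base is None:
        base = "https://" + user_input  # assumption: fallback to the typed input
    urls.append(base + VERSIONS_PATH)
    return urls


def ports_contacted(urls):
    """Distinct TCP ports implied by a list of URLs (defaults by scheme)."""
    ports = set()
    for url in urls:
        parts = urlsplit(url)
        default = 443 if parts.scheme == "https" else 80
        ports.add(parts.port if parts.port is not None else default)
    return sorted(ports)


if __name__ == "__main__":
    # Constructed inputs mirroring the report: a homeserver on port 16443.
    for typed in ("home.example:16443", "https://home.example:16443"):
        urls = plan_requests(typed)
        print(typed, "->", ports_contacted(urls))
        for u in urls:
            print("   ", u)
```

Run as a script, the model shows two ports (443 and 16443) for the bare server name and a single port (16443) for the `https://` form, which matches the explanation in the comment above: a bare `host:port` is treated as a server name whose discovery step lands on port 443, so any TLS interception there surfaces as an unfamiliar certificate prompt before the real homeserver is ever reached.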