The client cannot connect to the server, which can be accessed by other computers
Hello @lsl42
Is this part of the same issue?
Could you share more details with us?
Loïc
Jami Community Manager
We generated a self signed certificate,please help me
Hello @lsl42
For Jami, self-signed certificate are not accepted for JAMS on the client side by default, as explained in the Read Me:
Loïc.
Hi,
Also at mine, I create 2 user and this can connected with desktop and mobile phone, after I created the third this can’t connect using desktop client or phone, the device appears with ID and active but can’t connect, client say not found the account and the server log say:
om.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected a string but was BEGIN_OBJECT at line 1 column 290 path $.uiCustomization
at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:397)
at com.google.gson.Gson.fromJson(Gson.java:1227)
at com.google.gson.Gson.fromJson(Gson.java:1137)
at com.google.gson.Gson.fromJson(Gson.java:1047)
at com.google.gson.Gson.fromJson(Gson.java:982)
at net.jami.jams.common.objects.responses.DeviceRegistrationResponse.setPolicyData(DeviceRegistrationResponse.java:79)
at net.jami.jams.server.core.workflows.RegisterDeviceFlow.registerDevice(RegisterDeviceFlow.java:81)
at net.jami.jams.server.servlets.api.auth.device.DeviceServlet.doPost(DeviceServlet.java:129)
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:697)
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:778)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at net.jami.jams.server.servlets.filters.ARequestLoggingFilter.doFilter(ARequestLoggingFilter.java:27)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at net.jami.jams.server.servlets.filters.DApiFilter.doFilter(DApiFilter.java:75)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:351)
at org.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:123)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:339)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:845)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1563)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.lang.IllegalStateException: Expected a string but was BEGIN_OBJECT at line 1 column 290 path $.uiCustomization
at com.google.gson.stream.JsonReader.nextString(JsonReader.java:836)
at com.google.gson.internal.bind.TypeAdapters$15.read(TypeAdapters.java:421)
at com.google.gson.internal.bind.TypeAdapters$15.read(TypeAdapters.java:409)
at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$1.readIntoField(ReflectiveTypeAdapterFactory.java:212)
at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$FieldReflectionAdapter.readField(ReflectiveTypeAdapterFactory.java:433)
at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:393)
... 37 more
LE>Desktop is Windows 10 and phone have Android 14
Which java version do you use?
Hello,
I have the same issue, however it happens with any amount of users created, even just 1.
So, I have:
- downloaded jams.tar
- extracted
- started jams on port 8080
- Went through initial setup, created self-signed CA, admin password and so on
- created default blueprint
- created group, associated with blueprint
- created user, added to group
- configured nginx with proper cert and added CA from step 4 as client_ssl_certificate
- tried to connect from Adnroid 14 and latest Jami client- failed
- tried to connect from Linux and latest Jami client - failed
Error message at jams.log:
[http-nio-8080-exec-7] ERROR net.jami.jams.server.core.workflows.RegisterDeviceFlow - An error occurred while enrolling the device.
com.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected a string but was BEGIN_OBJECT at line 1 column 314 path $.uiCustomization
com.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected a string but was BEGIN_OBJECT at line 1 column 314 path $.uiCustomization
at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:397)
at com.google.gson.Gson.fromJson(Gson.java:1227)
at com.google.gson.Gson.fromJson(Gson.java:1137)
at com.google.gson.Gson.fromJson(Gson.java:1047)
at com.google.gson.Gson.fromJson(Gson.java:982)
at net.jami.jams.common.objects.responses.DeviceRegistrationResponse.setPolicyData(DeviceRegistrationResponse.java:73)
at net.jami.jams.server.core.workflows.RegisterDeviceFlow.registerDevice(RegisterDeviceFlow.java:76)
at net.jami.jams.server.servlets.api.auth.device.DeviceServlet.doPost(DeviceServlet.java:106)
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:590)
at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:658)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:195)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at net.jami.jams.server.servlets.filters.ARequestLoggingFilter.doFilter(ARequestLoggingFilter.java:44)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at net.jami.jams.server.servlets.filters.DApiFilter.doFilter(DApiFilter.java:68)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:331)
at org.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:158)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:389)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:896)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1741)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
at java.base/java.lang.Thread.run(Unknown Source)
When sniffing traffic on port 8080 I see that client (android or Linux) send CSR as below:
POST /api/auth/device HTTP/1.0
X-Real-IP: xx.xx.xx.xx
Host: jams.mydomain.com
Connection: close
Content-Length: 1751
User-Agent: Jami Daemon (Android/arm64)
Accept: application/json
Authorization: Basic <passwrdhashhere>
Content-Type: application/json
X-Forwarded-For: <client_ip>
X-Forwarded-Host: jams.mydomain.com
X-Forwarded-Port: 443
X-Forwarded-Proto: https
X-Forwarded-Server: <myserver-hostname>
Accept-Encoding: gzip
{
"csr" : "-----BEGIN NEW CERTIFICATE REQUEST-----\nMIIElTCCAn0CAQAwUDEUMBIGA1UEAxMLSmFtaSBkZXZpY2UxODA2BgoJkiaJk/Is\nZAEBEygwZjhmYjdiNDg1ZDQyNGM2YWUzYjg0NTk0ZGQ4Yjg2OWUyNWsdfsdfsdfsdfsdfGFiMIIC\nIjANBgkqhkiG9w0BAQEFAsdfsdfdhytrhrtyr567456456456XC66xWzqfHR8JV\nwV9gXoQglmim64Tyt1lcjutaBGCQPVgLDvw+lkRal2Gi2Bv3kMfV5zcoJypRyzWJ\nyfkULg3EFlcJ9o5S4LQ7da10CjS5zYAoDq0Mgxcbzvtvfdrx4FBUl/6/t2LL7C8s\ncp3TaR0p7VmfUHSX7C5PAE3jdtSjdrHgcs+D/zor7t5HiaO9p+Y5de4KP2UF1AUk\nF2Kfmqw9aW2OY/TE3h/Ax00hNfQ78eZOubvHF/IttLyUSstfp1o/u3btq3TucZ7w\nymY0haxpjTC83XvZNQ8iif/SYV0ZQUm/awcO2TzTJ8mVQtcjOHJoa1vY/sVZ13LR\n38eWJIeptTLuCfnPj0OmaV8H1w2FD7w5AR6UUP3qHBT2N6CZPRiMPabWTHRfZlE/\nxT3sdfsdfsdfsdfsdfduK6Dj34FfBUUHn7dEyiNoMFxX7Vpoh1ZByEn\nvJVQs2x7WyuvLtVvMg1DY4SKi27ovg+iLyatU0oGhZDJItdQndPB+1XxX+fAjRwN\nyZJEgNIdLz6Lj9+1FSQllVSJ3eyFrY+9CPLHuLKI4w+VJtGSm3aowofMbA7zLULZ\nOo6zz/YwnUaMsP+cBP831AhfNoE8yjMsSIuyEocOk2gcwDj4sqShigOuyw0kq7EG\n6aUzjam0eb+9ctJk7CECAwEAAaAAMA0GCSqGSIb3DQEBDAUAA4ICAQBkuGiEuLKQ\nwF6VA5S9WENh2lzpoq6cpFgow6gtD1+oP5fuXGpn07M+Uj9laq3X4YQ127qKiDqP\nRzMBVrZ0SAiJVNFK+GXYbdcGmhto/XPYbpT3nZpntn0PCXMH77Px7IDe9Jkz+mhF\n3sVLeNbbp7W2rQ8aP8ypYcmcnI50wrQwB7Eq/mjQy410XI3SfqjvxV231PAe4Ia0\nXsgerhe9tj3094heroigheoigjpweogjrpeohjewpotkwe[ptkwopg903495j3451F4znHBR7/Z5pXM4S1u9t+vqUMw6wAQAEBP1cDNqQ\nojyAoMQKT3iypMZPY6NmNfgrKvEbMWEuarlMbapUY7IhZje7Pb6qMz/xilYX+rJ1\nlW3haTrpH7YkwQq9ltcWZaKxLwvdBHtArT54RZOi9YahMGyQDFSz+VieWqnUljYr\nVYlV/HC8vNs4erewYI25L85CPKnCURwnppAu45KA9XYBKOf7nD6G9TjcTQZ3/2nk\noNkm70ydLXyUWeCz+v8I5bOIkt0nyQoySWp7j7EZOWRFj6GoMrkmGzz05uuy2r5a\nnoTXIpfeNIpJVSepaU8GvwzFlUfOkQlp8pOCMk8hqpcw4CB+ZJEIRd8ju8hwasey\nYMJ5fppPbm5UPaQzd9D50NPIoFFWyFKkEA==\n-----END NEW CERTIFICATE REQUEST-----\n",
"deviceName" : "Google Pixel X"
}[!http]
Tried with Java 11 and Java 17 - the result is the same.
Tested the same setup, but running JAMS on port 8443 and providing with valid certificate and key.
The error message is the same, and client cannot connect.