The client was unable to connect to the server

The client cannot connect to the server, which can be accessed by other computers

Hello @lsl42
Is this part of the same issue?
Could you share more details with us?

Loïc
Jami Community Manager

1 Like

We generated a self signed certificate,please help me

1 Like

Hello @lsl42 :slight_smile:

For Jami, self-signed certificate are not accepted for JAMS on the client side by default, as explained in the Read Me:

Loïc.

Hi,
Also at mine, I create 2 user and this can connected with desktop and mobile phone, after I created the third this can’t connect using desktop client or phone, the device appears with ID and active but can’t connect, client say not found the account and the server log say:

om.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected a string but was BEGIN_OBJECT at line 1 column 290 path $.uiCustomization
	at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:397)
	at com.google.gson.Gson.fromJson(Gson.java:1227)
	at com.google.gson.Gson.fromJson(Gson.java:1137)
	at com.google.gson.Gson.fromJson(Gson.java:1047)
	at com.google.gson.Gson.fromJson(Gson.java:982)
	at net.jami.jams.common.objects.responses.DeviceRegistrationResponse.setPolicyData(DeviceRegistrationResponse.java:79)
	at net.jami.jams.server.core.workflows.RegisterDeviceFlow.registerDevice(RegisterDeviceFlow.java:81)
	at net.jami.jams.server.servlets.api.auth.device.DeviceServlet.doPost(DeviceServlet.java:129)
	at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:697)
	at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:778)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at net.jami.jams.server.servlets.filters.ARequestLoggingFilter.doFilter(ARequestLoggingFilter.java:27)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at net.jami.jams.server.servlets.filters.DApiFilter.doFilter(DApiFilter.java:75)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at org.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:351)
	at org.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:170)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:123)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:339)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:845)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1563)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.lang.IllegalStateException: Expected a string but was BEGIN_OBJECT at line 1 column 290 path $.uiCustomization
	at com.google.gson.stream.JsonReader.nextString(JsonReader.java:836)
	at com.google.gson.internal.bind.TypeAdapters$15.read(TypeAdapters.java:421)
	at com.google.gson.internal.bind.TypeAdapters$15.read(TypeAdapters.java:409)
	at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$1.readIntoField(ReflectiveTypeAdapterFactory.java:212)
	at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$FieldReflectionAdapter.readField(ReflectiveTypeAdapterFactory.java:433)
	at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:393)
	... 37 more

LE>Desktop is Windows 10 and phone have Android 14

1 Like

Which java version do you use?

1 Like

Hello,

I have the same issue, however it happens with any amount of users created, even just 1.
So, I have:

  1. downloaded jams.tar
  2. extracted
  3. started jams on port 8080
  4. Went through initial setup, created self-signed CA, admin password and so on
  5. created default blueprint
  6. created group, associated with blueprint
  7. created user, added to group
  8. configured nginx with proper cert and added CA from step 4 as client_ssl_certificate
  9. tried to connect from Adnroid 14 and latest Jami client- failed
  10. tried to connect from Linux and latest Jami client - failed

Error message at jams.log:

[http-nio-8080-exec-7] ERROR net.jami.jams.server.core.workflows.RegisterDeviceFlow - An error occurred while enrolling the device.
com.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected a string but was BEGIN_OBJECT at line 1 column 314 path $.uiCustomization
com.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected a string but was BEGIN_OBJECT at line 1 column 314 path $.uiCustomization
        at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:397)
        at com.google.gson.Gson.fromJson(Gson.java:1227)
        at com.google.gson.Gson.fromJson(Gson.java:1137)
        at com.google.gson.Gson.fromJson(Gson.java:1047)
        at com.google.gson.Gson.fromJson(Gson.java:982)
        at net.jami.jams.common.objects.responses.DeviceRegistrationResponse.setPolicyData(DeviceRegistrationResponse.java:73)
        at net.jami.jams.server.core.workflows.RegisterDeviceFlow.registerDevice(RegisterDeviceFlow.java:76)
        at net.jami.jams.server.servlets.api.auth.device.DeviceServlet.doPost(DeviceServlet.java:106)
        at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:590)
        at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:658)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:195)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
        at net.jami.jams.server.servlets.filters.ARequestLoggingFilter.doFilter(ARequestLoggingFilter.java:44)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
        at net.jami.jams.server.servlets.filters.DApiFilter.doFilter(DApiFilter.java:68)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
        at org.apache.catalina.filters.CorsFilter.handleNonCORS(CorsFilter.java:331)
        at org.apache.catalina.filters.CorsFilter.doFilter(CorsFilter.java:158)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
        at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:389)
        at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
        at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:896)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1741)
        at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
        at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190)
        at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
        at java.base/java.lang.Thread.run(Unknown Source)

When sniffing traffic on port 8080 I see that client (android or Linux) send CSR as below:

	POST /api/auth/device HTTP/1.0
	X-Real-IP: xx.xx.xx.xx
	Host: jams.mydomain.com
	Connection: close
	Content-Length: 1751
	User-Agent: Jami Daemon (Android/arm64)
	Accept: application/json
	Authorization: Basic <passwrdhashhere>
	Content-Type: application/json
	X-Forwarded-For: <client_ip>
	X-Forwarded-Host: jams.mydomain.com
	X-Forwarded-Port: 443
	X-Forwarded-Proto: https
	X-Forwarded-Server: <myserver-hostname>
	Accept-Encoding: gzip
	
	{
		"csr" : "-----BEGIN NEW CERTIFICATE REQUEST-----\nMIIElTCCAn0CAQAwUDEUMBIGA1UEAxMLSmFtaSBkZXZpY2UxODA2BgoJkiaJk/Is\nZAEBEygwZjhmYjdiNDg1ZDQyNGM2YWUzYjg0NTk0ZGQ4Yjg2OWUyNWsdfsdfsdfsdfsdfGFiMIIC\nIjANBgkqhkiG9w0BAQEFAsdfsdfdhytrhrtyr567456456456XC66xWzqfHR8JV\nwV9gXoQglmim64Tyt1lcjutaBGCQPVgLDvw+lkRal2Gi2Bv3kMfV5zcoJypRyzWJ\nyfkULg3EFlcJ9o5S4LQ7da10CjS5zYAoDq0Mgxcbzvtvfdrx4FBUl/6/t2LL7C8s\ncp3TaR0p7VmfUHSX7C5PAE3jdtSjdrHgcs+D/zor7t5HiaO9p+Y5de4KP2UF1AUk\nF2Kfmqw9aW2OY/TE3h/Ax00hNfQ78eZOubvHF/IttLyUSstfp1o/u3btq3TucZ7w\nymY0haxpjTC83XvZNQ8iif/SYV0ZQUm/awcO2TzTJ8mVQtcjOHJoa1vY/sVZ13LR\n38eWJIeptTLuCfnPj0OmaV8H1w2FD7w5AR6UUP3qHBT2N6CZPRiMPabWTHRfZlE/\nxT3sdfsdfsdfsdfsdfduK6Dj34FfBUUHn7dEyiNoMFxX7Vpoh1ZByEn\nvJVQs2x7WyuvLtVvMg1DY4SKi27ovg+iLyatU0oGhZDJItdQndPB+1XxX+fAjRwN\nyZJEgNIdLz6Lj9+1FSQllVSJ3eyFrY+9CPLHuLKI4w+VJtGSm3aowofMbA7zLULZ\nOo6zz/YwnUaMsP+cBP831AhfNoE8yjMsSIuyEocOk2gcwDj4sqShigOuyw0kq7EG\n6aUzjam0eb+9ctJk7CECAwEAAaAAMA0GCSqGSIb3DQEBDAUAA4ICAQBkuGiEuLKQ\nwF6VA5S9WENh2lzpoq6cpFgow6gtD1+oP5fuXGpn07M+Uj9laq3X4YQ127qKiDqP\nRzMBVrZ0SAiJVNFK+GXYbdcGmhto/XPYbpT3nZpntn0PCXMH77Px7IDe9Jkz+mhF\n3sVLeNbbp7W2rQ8aP8ypYcmcnI50wrQwB7Eq/mjQy410XI3SfqjvxV231PAe4Ia0\nXsgerhe9tj3094heroigheoigjpweogjrpeohjewpotkwe[ptkwopg903495j3451F4znHBR7/Z5pXM4S1u9t+vqUMw6wAQAEBP1cDNqQ\nojyAoMQKT3iypMZPY6NmNfgrKvEbMWEuarlMbapUY7IhZje7Pb6qMz/xilYX+rJ1\nlW3haTrpH7YkwQq9ltcWZaKxLwvdBHtArT54RZOi9YahMGyQDFSz+VieWqnUljYr\nVYlV/HC8vNs4erewYI25L85CPKnCURwnppAu45KA9XYBKOf7nD6G9TjcTQZ3/2nk\noNkm70ydLXyUWeCz+v8I5bOIkt0nyQoySWp7j7EZOWRFj6GoMrkmGzz05uuy2r5a\nnoTXIpfeNIpJVSepaU8GvwzFlUfOkQlp8pOCMk8hqpcw4CB+ZJEIRd8ju8hwasey\nYMJ5fppPbm5UPaQzd9D50NPIoFFWyFKkEA==\n-----END NEW CERTIFICATE REQUEST-----\n",
		"deviceName" : "Google Pixel X"
	}[!http]

Tried with Java 11 and Java 17 - the result is the same.

Tested the same setup, but running JAMS on port 8443 and providing with valid certificate and key.
The error message is the same, and client cannot connect.