github-starred/android
2
0
Fork 0
mirror of https://github.com/bitwarden/android.git synced 2026-05-07 19:39:41 -05:00
Code Issues 1.1k Packages Projects Releases 122 Wiki Activity

[GH-ISSUE #5808] [PM-25307] Addy.io API integration fails due to Rustls certificate verification (false revoked) #14973

New Issue
Closed
opened 2026-04-15 01:13:56 -05:00 by GiteaMirror · 3 comments
GiteaMirror commented 2026-04-15 01:13:56 -05:00
Owner
Copy Link

Originally created by @GregHabiskis on GitHub (Aug 29, 2025).
Original GitHub issue: https://github.com/bitwarden/android/issues/5808

Steps To Reproduce

  1. Open Generator tab
  2. Select Username
  3. Under Username Type select Forwarded email Alias
  4. Under Service select addy.io
  5. Under API access token use API Token generated in addy.io portal
  6. Under Domain name (required) use custom domain name as in addy.io defined
  7. Click "Regenerate" icon

Expected Result

New Username generated and reflected in addy.io portal (works on desktop Bitwarden and web vault)

Actual Result

Error Pop Up:
error sending request

Refuses the TLS certificate during API calls.

Screenshots or Videos

Image

Additional Context

From adb logcat:
W com.bitwarden.sdk: rustls_platform_verifier::verification::android: certificate was revoked: java.security.cert.CertPathValidatorException: Certificate does not specify OCSP responder E com.bitwarden.sdk: rustls_platform_verifier::verification::android: failed to verify TLS certificate: invalid peer certificate: Revoked
The certificate chain for api.addy.io:

  • Issued by: Let’s Encrypt R3
  • Root: ISRG Root X1
  • Valid, not expired

Bitwarden Android uses Rustls verifier rustls_platform_verifier, which appears to reject Let’s Encrypt certificates without OCSP responder URLs, marking them as revoked even though they are valid.

Build Version

2025.8.0 (20577)

What server are you connecting to?

US

Self-host Server Version

No response

Environment Details

  • Device: Realme C25s RMX3195
  • Android: 13 (Realme UI 4)
  • Bitwarden version: 2025.8.0 (F-Droid and Play Store tested)
  • DNS: Tested with system default, NextDNS, Google (8.8.8.8), Cloudflare (1.1.1.1) → same result
  • VPN: tested with and without → same result

Works fine on Desktop app (Flatpak) and Web Vault (Brave browser)

Issue Tracking Info

  • I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
Originally created by @GregHabiskis on GitHub (Aug 29, 2025). Original GitHub issue: https://github.com/bitwarden/android/issues/5808 ### Steps To Reproduce 1. Open **Generator** tab 2. Select **Username** 3. Under **Username** Type select **Forwarded email Alias** 4. Under **Service** select **addy.io** 5. Under **API access token** use _API Token_ generated in _addy.io portal_ 6. Under **Domain name (required)** use _custom domain name_ as in addy.io defined 7. Click "Regenerate" icon ### Expected Result New Username generated and reflected in addy.io portal (works on desktop Bitwarden and web vault) ### Actual Result _Error Pop Up:_ `error sending request` Refuses the TLS certificate during API calls. ### Screenshots or Videos ![Image](https://github.com/user-attachments/assets/5c19c751-7f38-4186-a7a2-c9d19ec4b307) ### Additional Context From adb logcat: `W com.bitwarden.sdk: rustls_platform_verifier::verification::android: certificate was revoked: java.security.cert.CertPathValidatorException: Certificate does not specify OCSP responder E com.bitwarden.sdk: rustls_platform_verifier::verification::android: failed to verify TLS certificate: invalid peer certificate: Revoked ` The certificate chain for [api.addy.io](url): - Issued by: Let’s Encrypt R3 - Root: ISRG Root X1 - Valid, not expired Bitwarden Android uses **Rustls verifier** `rustls_platform_verifier`, which appears to reject Let’s Encrypt certificates without OCSP responder URLs, marking them as **revoked** even though they are valid. ### Build Version 2025.8.0 (20577) ### What server are you connecting to? US ### Self-host Server Version _No response_ ### Environment Details - **Device:** Realme C25s RMX3195 - **Android:** 13 (Realme UI 4) - **Bitwarden version:** 2025.8.0 (F-Droid and Play Store tested) - **DNS:** Tested with system default, NextDNS, Google (8.8.8.8), Cloudflare (1.1.1.1) → **same result** - **VPN:** tested with and without → **same result** Works fine on Desktop app (Flatpak) and Web Vault (Brave browser) ### Issue Tracking Info - [x] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
GiteaMirror added the app:password-managerbug labels 2026-04-15 01:13:56 -05:00
GiteaMirror commented 2026-04-15 01:13:58 -05:00
Author
Owner
Copy Link

@bitwarden-bot commented on GitHub (Aug 29, 2025):

Thank you for your report! We've added this to our internal board for review.
ID: PM-25307

<!-- gh-comment-id:3235611711 --> @bitwarden-bot commented on GitHub (Aug 29, 2025): Thank you for your report! We've added this to our internal board for review. ID: PM-25307
GiteaMirror commented 2026-04-15 01:13:58 -05:00
Author
Owner
Copy Link

@GregHabiskis commented on GitHub (Aug 29, 2025):

Duplicate of #4566 with more details.

<!-- gh-comment-id:3235619427 --> @GregHabiskis commented on GitHub (Aug 29, 2025): Duplicate of #4566 with more details.
GiteaMirror commented 2026-04-15 01:13:59 -05:00
Author
Owner
Copy Link

@rmcdowell-bitwarden commented on GitHub (Aug 29, 2025):

Hi there!

Thank you for your report, it seems like it is a duplicate of this one https://github.com/bitwarden/android/issues/4566

Thank you to @GregHabiskis for highlighting that.

If you wish to add any further information/screenshots/recordings etc., please feel free to do so at any time in there - our engineering team will be happy to review these.

This issue will now be closed.

Thanks!

<!-- gh-comment-id:3235716252 --> @rmcdowell-bitwarden commented on GitHub (Aug 29, 2025): Hi there! Thank you for your report, it seems like it is a duplicate of this one https://github.com/bitwarden/android/issues/4566 Thank you to @GregHabiskis for highlighting that. If you wish to add any further information/screenshots/recordings etc., please feel free to do so at any time in there - our engineering team will be happy to review these. This issue will now be closed. Thanks!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
app:authenticator
app:password-manager
bug
bug-passkey
customer-support
duplicate
enhancement
good first issue
help wanted
needs-reply
needs-response
pull-request
Mirrored from GitHub Pull Request
 question
No Label app:password-manager bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/android#14973
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?