-
Notifications
You must be signed in to change notification settings - Fork 497
Error Reason: 2001; App does not work anymore #968
Comments
Thanks for the report. We've also been getting similar reports from Play Store comments. Reports from there show that
Quotes from Play Store:
Reported devices (all on CWA 1.1.1):
As reports are increasing, we will address this with high priority to product management to prioritize analyses and a fix. Mit freundlichen Grüßen/Best regards, |
@gagamail Can you please contact me directly to provide more details about the network setup |
@thomasaugsten @gagamail |
The SM-N950F is the version with the Samsung Exynos Processor and not Qualcomm Snapdragon. So I guess it can't be related?
According to the logfiles I installed the last upgrade (i don't think there was any other upgrade besides the July Patch) on July, 28th which would mean it already did not work without July Patch. |
Hi all,
And it ends with:
I hope this helps :) Cheers |
Hi @gagamail , thanks for clearing up!
So, any problems with 2001 related to that patch can be completely excluded then. |
Hi @DerPlankton13 , thanks for your report! |
Hi,
Maybe you can provide a screenshot of |
maybe any problem in server certificate pinning? |
Is correct.
I have one certificate which is not up to date. Thats an old Deutsche Telekom Root CA 2 which I needed in the past for WLAN access.
No Antivirus App installed
In my home WLAN I have a pi-hole, but the App also does not work outside of this WLAN. On the smartphone I have Blokada which I completely deactivated. Before July 21st the App worked with both activated. |
@gagamail Can you remove the old CA and test again? |
Looks like I can't. I don't find a possibility to deinstall it, according to what I found with google it is not possible to completely remove a WLAN CA. But it is (and was before) dectivated. |
Hi Kira, |
Did my screenshots help? If not, can you give me a hint where to find the settings? |
@kira99 |
There is no additional settings in the App visible. Only settings. In settings everything is on. My operating system MIUI is in German. But I could not find any similar settings to credentials. Where do I have to look? |
I mean the Android Settings not the App Settings |
Sorry, MIUI does not show this. The settings UI is not Android standard. I looked up privacy. There is not setting for credentials and I even have already activated developer mode for MIUI. |
Ok maybe you can try |
@kira99 "Vertrauenswürdige Anmeldedaten" seems to be what you should look for. |
Hi thanks for your help. |
@Stonebubble ok, thanks for the clarification 👍 |
@Stonebubble Thanks, yes, then it's related to the issue 2 days ago. For now it looks like you won't be able to receive the Monday's test result in the app anymore. Do you need further assistance? |
@vaubaehn No, that's all. Thank you ( ꈍᴗꈍ) |
Still exact same for me as for harry-g in december Today 21/01/2022
|
I got a 2001 but the certificate is enabled. The reason was for me, as far as I could figure out from the traceback, a handshake error. Sony Xperia S, Android 7.1.2 |
Thanks for reporting. You are using latest version CWA 2.16? Best wishes, DS Corona-Warn-App Open Source Team |
@dsakar sorry, in my case it’s 2.11.2.0 from F-Droid |
Dear all,
First only one phone (moto g(7) power, Android 10) was affected, since yesterday the second (Moto Z (2) Android 9). Certificate on given hints was active and also de-activating and re-activating did not fix the issue.
Phone 2 Android 9:
Thank you for looking into this. da Rob |
@da-Rob What happens if you try to access https://www.coronawarn.app on a webbrowser on your mobile device? Is it successful or do you get an error message? Is there any difference to the app error if you are connected on WiFi or on a mobile connection? |
Hey @MikeMcC399 thank you for your reply. Seems to be fixed here now, while the AVM settings of firewall for CWA should affect a high amount of users. Though: Thank you for the moment, still I was puzzled by the cryptic error messages and that the straight forward way (Re-activate certificate) did not work out. Improvement point: Add to URSACHE 2001 also hint to "Try using mobile data connection." [Edit] Thank you and best regards |
@da-Rob and all,
I had a quick check, and the reason why it is blocked via "Fritz Box Gastzugang" is a bit unfortunate: @dsarkar Is this something we should add to the FAQ? "Gastzugang" -> "#cause2001" and "Port 443" -> "#access-list" @mlenkeit
Only error no. 1 fits to the current '2001 dialog'. |
@da-Rob The FAQ article [Google/Android]: CAUSE: 2001, trying to establish a secure connection to the server does refer to [Google/Android]: Firewall/Router configuration: CAUSE: 4000, error during web request, HTTP status 901 where the list of access points is published. If there is a need to improve either of those articles, then I suggest to open a new issue for the website content using https://github.com/corona-warn-app/cwa-website/issues. |
Hallo, |
Guten Tag, auch bei mir (Note 10 + SM-N976B, Sicherheitspatch 1.Mai 2022, Android 12) tritt es seit heute auf. Alle Systemzertifikate sind aktiviert. Kann das Zertifikat (also im SSL Sinne, nicht CWA-Zertifikat) abgelaufen sein oder sowas? Mit freundlichen Grüßen |
Bei mir der selbe Fehler. Ursache: |
We're looking into it... |
@illifee @Fkultra-boop @JanMarcusEskes @StefanR22 Danke für die schnelle Meldung! Besteht das Problem weiterhin oder tauch der Fehler inzwischen nicht mehr auf? Falls doch, würde uns auch die Versionsnummer der CWA helfen. Wir haben verschiedene mögliche Ursachen für diese Fehlermeldung geprüft, konnten aber bislang auf unseren Servern nichts auffälliges beobachten und können den Fehler zum jetzigen Zeitpunkt nicht Nachstellen. |
Bei mir klappt es jetzt wieder, vielen Dank. |
Die Fehlermeldung taucht auf, wenn der Server mit einem anderen SSL-Zertifikat (bzw. -kette) antwortet als erwartet (auch bekannt als Certificate Pinning). Warum das allerdings heute morgen passiert ist, ist leider noch unklar. Wir bleiben dran. Die Tatsache, dass es jetzt wieder zu funktionieren scheint, deutet auf ein temporäres Problem in der Infrastruktur hin. |
Funktioniert jetzt wieder. |
Bei mir funktioniert auch wieder alles :-) |
I have a user on Twitter reporting this issue. @thomasaugsten has the team any assumption in which circumstances (besides of an incident) this message is shown? |
Könnte eine mögliche Ursache sein, dass ein Server ein veraltetes/falsches SSL-Zertifikat hat & wenn der Load Balancer diesen Server für die Anfrage pickt bekommt der Nutzende diese Fehlermeldung? |
This happens when the establishment of a proper SSL is failing. The faq gives information to check the ssl certificate on client side |
@thomasaugsten For the user the pop up just popped up randomly and after clicking on "OK" the app works as expected. After restarting the app the pop up does not appear again. |
EDIT: Corona-Warn-App Open Source Team
Solved: See FAQ:
ORIGINAL POST
Avoid duplicates
Describe the bug
When I open the App I immediatley get the error message "Ursache: 2001 an error occured while trying to establish a secure connection to the server". This results in a not working App. Deinstalling and restarting did not help. Last confirmed working of the App was on July, 20th, first time I saw the error was on July, 23rd. In between I did not start the App.
Expected behaviour
The App should work
Steps to reproduce the issue
Starting the App is enough, I did not do anything specific and I did not change anything on my own on my Smartphone since the App is not working anymore.
Technical details
Possible Fix
No idea
Additional context
My first thought was that Blokada changed something. Deactivating Blokada did not help. And even if so I am not willing to deactivate it completely (CWA is on the Allowed Apps list) as the App worked with it before.
Internal Tracking ID: EXPOSUREAPP-10944
The text was updated successfully, but these errors were encountered: