This project has moved. For the latest updates, please go here.

HTTPS WebDAV access not working

Aug 15, 2015 at 10:56 PM
Recently I am unable to connect to my HTTPS WebDAV kdbx file. I'm out of ideas for troubleshooting. Anybody have any ideas? Thanks.

Configuration:
Keepass2Android on Samsung Galaxy S5 (Android v5.0)
WebDAV via Apache on Centos 6 box

Steps taken:
  • Reinstall Keepass2Android
  • Reduce CipherSuite in Apache to a weaker version that used to work
  • Test from browser on phone (Chrome) and on desktop (Firefox): Success.
  • Review httpd SSL logs: no evidence app ever even attempts a connection
  • Check for SELinux denials to httpd, just in case: none
Aug 16, 2015 at 3:02 PM
Did you maybe change your Apache config in the last time? Keepass2Android does not support TLSv1.1 and TLSv1.2. Secure ciphers are also not supported as you already found out.
Aug 20, 2015 at 2:47 AM
It's a good suggestion. I just went back to the basic Apache default install and retried:

SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

This definitely used to work.

There's one more thing I noted: When you first load and run the app and try to sync, you immediately get an error "Failed to write headers". If you attempt to sync again, it spins forever trying to download the file, but there is no evidence it ever even hits the firewall.

Maybe a bug? Maybe a security update to Android 5.0 that broke things? Two OTA updates have happened recently.


Thanks.