Can't connect using Blue Iris App on Android

Post Reply
turkeytrot
Posts: 1
Joined: Fri Aug 13, 2021 1:09 pm

Can't connect using Blue Iris App on Android

Post by turkeytrot »

Using Blue Iris 5, I'm trying to get it to work on my Pixel 2 using the app. It was working the other day, then I updated my user's password (then updated the connection settings in the app via the QR code from the wizard) and it will no longer connect. I've looked over the settings, IPs, ports, username, password countless times.

If I use Firefox on my phone, I can connect to my Blue Iris server just fine (both LAN and WAN)--it's something about the app itself that won't connect. In the connection settings, I've tried using my IP address + port, and my DDNS + port. I do have HTTPS enabled via stunnel. I've stopped and restarted the service, etc.

When I look at the stunnel logs, when I connect using the app, I get the following error:

Code: Select all

2021.08.13 09:17:02 LOG3[541]: SSL_accept: ssl/record/rec_layer_s3.c:1543: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown
2021.08.13 09:17:02 LOG5[541]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
It seems like the Blue Iris app itself doesn't trust my certificate any longer. When I used Firefox on my phone, I had to tell Firefox to trust it...I don't appear to have that ability via the Blue Iris app.

Any suggestions?
Screenshot_20210813-091536.png
Screenshot_20210813-091536.png (157.66 KiB) Viewed 2870 times
Screen Shot 2021-08-13 at 09.23.01.png
Screen Shot 2021-08-13 at 09.23.01.png (148.8 KiB) Viewed 2870 times
Matts1984
Posts: 496
Joined: Fri Apr 10, 2020 1:12 pm
Location: Maryland, USA

Re: Can't connect using Blue Iris App on Android

Post by Matts1984 »

I'm not 100% on this but I do recall there being a known issue (well it's understandable but a potential 'issue') regarding Android and untrusted certs. Since there's not really a way to force accept it like in Firefox, for the average user it's doing exactly what it should do.

That said, my setup is SLIGHTLY different than yours but fundamentally it's the same really. I do use a valid certificate using Let's Encrypt. It might be worth looking into using that to correct this, and honestly it does improve the security of it. I believe you just need a very lightweight agent on your server and some basic config steps but ultimately it's all free. The certs have a short life (3 months I recall?) but it auto-renews so no big deal.

The only real difference in my system and how yours sounds is that I have a WAF that is terminating the SSL connection and does the Let's Encrypt stuff for me. There should be no reason you can't just do it on your server directly though - I just don't have the experience to explicitly give you steps.
Blue Iris 5.8.8.x | Server 2022 VM | Xeon X5650 @ 2.67GHz - 12 Cores | 12GB RAM | 7TB RAID | Sophos UTM WAF | 4x SV3C 5MP Bullet A | 1x SV3C 5MP PTZ HX | 1x SV3C 5MP Bullet HX | 1x SV3C 5MP Dome HX | 2x Amcrest 5MP Bullet
majones
Posts: 1
Joined: Tue Aug 17, 2021 2:01 pm

Re: Can't connect using Blue Iris App on Android

Post by majones »

The need for certificates, etc, has been driving me bonkers, so I searched for a better solution. Use ZeroTier. It is free, and creates a VPN that interlinks PCs, phones, Teltonika RUT devices, whatever. It is absolutely brilliant. The only problem I have had is currently with Android 12 beta 4 that I installed on my phone, to discover that all VPN functionality in the beta is broken. But that's a Google problem that will be fixed.
User avatar
pinoybear
Posts: 1
Joined: Tue Oct 19, 2021 11:00 pm

Re: Can't connect using Blue Iris App on Android

Post by pinoybear »

Is there a solution to the error the OP asked about?

I just setup stunnel on Windows with a ZeroSSL certificatre and have no issues logging in via web browser. But I cannot login with the Blue Iris Android app of all things.
Post Reply