Kopano Active Sync with Huawei Android device works but fails with Samsung

Hi there,

I have managed to sync ALL my Android devices using the system’s internal IP.
Last weekend I enabled external (internet) access and was able to set up the Exchange account’s of a no name tablet and a Huawei P20 lite and successfully sync using the external domain.

But I was not successful with my Samsung A50 (Android 9) and I can only guess why.
On all the other devices I was able to just change the server adress (external domain instead of internal IP), but the Samsung doesn’t let me do this, I have to delete the old account and set up a new one.
In the settings there is no entry for the port (443) and no setting to “accept all certificates” which wasn’t a problem internally but externally I can’t even reach the server.

As this works with the other devices (and locally installed Outlook as well), this must be a Samsung specific problem and I hope someone else has had it also, given that the phones are often used.

I just talked to a friend of mine who thinks that this might have something to do with Kopano not having access to the Let’s Encrypt certificate which is successfully installed and refreshed.

I have marked the box “Use certificate in Apache” but not the other two (Dovecot/Postfix) as I don’t use them as far as I know.

Also, the mail domain is equal to the internally used domain, the external domain is just a DynDNS domain as I don’t want to use Kopano for external mails, just for calendar and contacts.

Thank you very much!

Hi @toko42,

Kopano itself does not need knowledge about the let’s encrypt certificate since all communication goes through your Webserver (Apache in this case). Does the Webserver Server the right and trusted certificate? The easiest to find that out is just opening the URL on your mobile phone, else you could use curl to check as well.

Hi @fbartels,

I thought so.

All Outlook instances as well as all browsers under Windows and Android recognize the Let’s Encrypt certificate and show me the green lock (Firefox) and I can verify that the LE certificate is used.

It must be some setting that either Samsung’s Android 9 is missing or that I have simply not found.

I found the culprit.

I have installed Blokada as I don’t want ads etc on my phone as well as a DNS of my choice.
The DNS part has to be disabled for setup of an account but can be enabled afterwards although I can’t see how this works as the address is still the same…

I guess my wife has rebooted her phone at some time and not restarted Blokada…

Thank you very much.