Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Electron App cannot sign in with self-signed certs when cert contains non-English alphabet characters. #4390

Open
1 task done
StoobertB opened this issue Feb 16, 2025 · 0 comments
Open
1 task done

[Bug]: Electron App cannot sign in with self-signed certs when cert contains non-English alphabet characters. #4390

StoobertB opened this issue Feb 16, 2025 · 0 comments
Labels
bug Something isn't working electron Issues related to the desktop app (electron)

Comments

@StoobertB
Copy link

Verified issue does not already exist?

  • I have searched and found no existing issue

What happened?

I cannot confirm this on any other OS other than Windows 10 and Windows 11.

When trying to sign in to a self-hosted server protected by a self-signed certificate, you are prompted to provide the CA certificate to validate the server.
If the certificate is named, OR resides in a folder on the OS containing a character not present in the English alphabet (ø å æ õ for example) then the certificate cannot be imported and login fails.

Opening the developer tools shows a pair of traces as follows:

File name containing a European character:

Server Log: Warning: Ignoring extra certs from `C:\hello\internalæ.crt`, load failed: 
error:02000002:system library:OPENSSL_internal:No such file or directory

Folder name containing a European character:

Server Log: Warning: Ignoring extra certs from `C:\hellõ\internal.crt`, load failed:
error:02000003:system library:OPENSSL_internal:No such process
Server Log: TypeError: fetch failed
    at node:internal/deps/undici/undici:12345:11
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async lf (C:\Program Files\WindowsApps\actualbudget.org.ActualBudget_25.2.1.0_x64__6q3amkrs0bv0p\app\resources\app.asar\build\loot-core\lib-dist\electron\bundle.desktop.js:83:5067)
    at async Eu.subscribe-needs-bootstrap (C:\Program Files\WindowsApps\actualbudget.org.ActualBudget_25.2.1.0_x64__6q3amkrs0bv0p\app\resources\app.asar\build\loot-core\lib-dist\electron\bundle.desktop.js:313:4561) {
  cause: Error: unable to verify the first certificate
      at TLSSocket.onConnectSecure (node:_tls_wrap:1674:34)
      at TLSSocket.emit (node:events:518:28)
      at TLSSocket._finishInit (node:_tls_wrap:1085:8)
      at ssl.onhandshakedone (node:_tls_wrap:871:12) {
    code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE'
  }
}

Moving the certificate to another folder and ensuring the filename doesn't contain these characters works as expected.

How can we reproduce the issue?

Attempt to import a self-signed certificate containing å, ø, æ, õ, ã, or similar character from outside of the US alphabet.

Where are you hosting Actual?

Docker

What browsers are you seeing the problem on?

Desktop App (Electron)

Operating System

Windows 11
@StoobertB StoobertB added the bug Something isn't working label Feb 16, 2025
@StoobertB StoobertB changed the title [Bug]: Electron App cannot sign in with self-signed certs when cert is located in a path with Latin-1 characters. [Bug]: Electron App cannot sign in with self-signed certs when cert contains non-English alphabet characters. Feb 16, 2025
@MikesGlitch MikesGlitch added the electron Issues related to the desktop app (electron) label Feb 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working electron Issues related to the desktop app (electron)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MikesGlitch @StoobertB