I have an old device which has outdated root CA certificates, and also does not allow installing new certificates.
Is it possible to just ignore the TLS mambo jumbo entirely?
1 Like
Which device? Android version? Why can’t you install certs?
Android 8.
It is a noname Chinese tablet with 8 Gb of RAM and 256 Gb of storage. I cannot install it, because this option is not selectable in the menu. The button is there, but just does nothing.
Can you enable developer tools? If you can access it by adb, you may be able to install certificates that way. In fact, you may even be able to add them as system certificates (instead of user certs, which cause a warning notification on boot), have a look here: https://stackoverflow.com/questions/44942851/install-user-certificate-via-adb
As for the non-working button: do you have some kind of lock enabled (like pin code or similar)? Typically, adding a user certificate requires having something like that enabled.
I’ve been in a similar situation (I’m using an older device as a dedicated podcast player), and my experience is it’s hard to make such device “ignore” a missing certificate. But you should hopefully be able to add a user-level certificate with some work.
1 Like
Can you enable developer tools? If you can access it by adb, you may be able to install certificates that way.
I can run everything from Termux, but the wired connection does not work. The cable only works for charging.
As for the non-working button: do you have some kind of lock enabled (like pin code or similar)? Typically, adding a user certificate requires having something like that enabled.
Typically it does, but typically it asks the user to set up the unlocking pin when tapping the button. But in my case nothing happens.
my experience is it’s hard to make such device “ignore” a missing certificate
Why does the f-droid store even rely on systemwide certs? It is clearly an antipattern, as certs trustworthy for a program A are not necessarily trustworthy for a program B.
Is it a political decision, or nobody just bothered to implement loading 3rd party certificates?
The certs issues were for Android 7 or older.
Which exact issue do you have? Pics?
Cannot update the f-droid.org repository.
1 Like
Lol what? Since when? Stop adding untrusty certs then 
So you’ve setup a pin and it’s still unusable?
If your Android is broken and can’t load 3rd party certs, not sure F-Droid should and features to work around such.
By the way, can you update to latest and retry? https://f-droid.org/repo/org.fdroid.fdroid_1023050.apk
Lol what? Since when? Stop adding untrusty certs then
Wtf? I need to visit my government’s websites and use their apps, and no, I do not trust them for anything else. Surprised?
Also, companies give smartphones to employees, with MITM certificates pre-installed, and no, I do not want f-droid to trust them. Welcome to 2025.
So you’ve setup a pin and it’s still unusable?
Yes.
not sure F-Droid should and features to work around such.
Firefox does it now, and most commercial apps which want to ensure working on older devices.
Same behaviour.
Ok, go to Settings, Repos, F-Droid, Official Mirrors - toggle OFFhttps://f-droid.org/repo
Now, in the Latest tab, pull-to-refresh
Do you get the same error?
What if you retry after 15 more seconds? (there’s a limit of how often you can, fyi)
And again
And again
And again
Repeat
Repeat
NONE of the mirrors will ever give you an index?
(Fyi, mirrors should have many different certs, surely one can be used)
(If NONE can be used… maybe the issue is elsewhere, like… your ISP is MITMing you, are you in a firewall country? Blink twice if so…)
Ok, go to Settings, Repos, F-Droid, Official Mirrors - toggle OFF
https://f-droid.org/repo
This setting has no effect.
No matter which switches I select or de-select, the app shows a notification which says “Connecting to https://f-droid.org/repo”.
sure, that is expected
but, behind the curtain, it will try to connect to another mirror from the list
retry to refresh about 20 times, just in case (remember to wait 15 seconds between retries)
when done, if no success, go to Settings, Expert → Debug log and email that to team at f-droid.org
He is completely right here and this point requires some consideration. Did you ever go through the list of trusted root CAs that come preinstalled with any device? You will find that Chinese telecom as well as many other extremely trustworthy instances are included. Every single of those can issue a totally “trustworthy” certificate for F-Droid.org unless there is some sort of certificate pinning in action.
Just use a hardwired certificate or none and rely on PGP.
It looks like, I am having the same issue.
I could download and install fdroid, but I seem to be unable to get the app list.
I removed the f-droid.org/repo entry in the list of mirrors and tried to update more than 20 times.
But I still did not get the list.
I mostly got an error message like the one posted above.
Sometimes I got another one starting like: "F-Droid: Handshake failed SSL handshake terminated: ssl=0x99dcfe40: " …
Unfortunately it is somewhat cumbersome for me to try and reproduce that message on this device at the moment.
I have to shift to the screenshot and memorize part of the message, I want to write here, then go back to the screenshot for more of the message…
I am using a tablett with andriod 13.0.
This is also the device having the problem.
I would really like to be able to use f-droid - preferably without the need to hack the devive - at least at this time.
We need some logs then, update to latest client: https://f-droid.org/repo/org.fdroid.fdroid_1023051.apk
Retry several times
Then go to Settings, Expert, Debug logs
Mail the saved log to team at f-droid.org
I had already updated to that latest version of the client.
I did as you asked me and sent the log file.
Please let me know if you received it and it is what you needed…
Received, thanks
Can you tell which device exactly and double check to confirm Android version?
The thing is, we don’t expect certs issues on Android 7.1 or newer. 
1 Like
According to, what I find in the settings, it is
model number: Pro14
android version: 13.0.
That is, what termux says about it.
I currently do not know, how to copy that info as text, but I apparently found a way to upload a screenshot.
See the 3 drop down menu in top right of the about section? Click on that, copy/share as needed. 
1 Like