Firefox Beta (“Fennec Native”) Sync on Android – no SNI support anymore

I’m a long time user of Firefox on Android. The main reason why I started using it (and kept using it, although it sometimes really taxed my patience by slowing down my G2 / Desire Z to a degree that it was barely usable, due to high memory usage) is Firefox Sync (formerly Weave). It allows me to have my bookmarks, history and even passwords synchronized between all my desktop Firefox instances and my phone.
As with most of my Internet needs, I try to be self-sufficient from hosted services (a.k.a. cloud), so I run my own Firefox Sync server. I have this running for quite some time already, and it “just worked”. Until Firefox on Android got some major changes some weeks ago (installing the Firefox app today still brings you the “old” Firefox, from before the changes, but the Firefox Beta app, often referred to as “Fennec Native”, is the one I’m talking about now). As far as I understand it now uses more Android standard functionality, and less custom code shipped within the app. One aspect that is now “native” Android, instead of implemented in the app itself, is Sync. Firefox’s syncing is now integrated into Android’s syncing framework, and you find the sync account under Settings / Accounts and sync.

That sounds like a good thing, and I generally like the idea – but there is one small detail that caused me some trouble: Since the change, Firefox could not sync with my server anymore.
After two rounds of debugging, I figured out that this was due to the fact that the new Sync method does not work with a server that relies on SNI – Server Name Indication anymore. I reported this to Mozilla, and it became clear that there won’t be a short-term resolution of this issue, because it would require changes to the Apache HttpClient, which in term would possibly require changes to Java’s SSL functions(?).

It’s a pity, but I understand that there is not much Mozilla can do, and it’s probably regarded not as very important to satisfy the needs of the few who run their own Sync server AND use SNI. So I took one of the precious remaining IPv4 addresses I had left for the server, and used it for my sync service. Other possible solutions / workarounds would have been to buy a wildcard SSL certificate, or wait for Bug 756763 – Native Sync can’t accept self-signed certificates for custom Sync servers on Android 2 to get fixed.

Anyway, now it works again, and with my new phone having enough juice, using the new Firefox on Android is a great experience.

Leave a Reply

Your email address will not be published. Required fields are marked *