EDIT: Updated one last time for some more details.
SUSPECTED PROBLEMS WITH LOS20/ANDROID 13 CERT STORE / USER INSTALLED CERTIFICATES
We don't install any google on our LOS devices, so I can't comment on those problems in LOS 20.0, but we are having a hell of time with our email and the LOS20/Android 13 certificate store / user credentials fritzing out, requiring frequent reboot to fix for a little while.
Since we got onto LOS20/Android 13 a few days ago, FairEmail runs fine for a few hours but always eventually ends up unable to sync/read/access our (Courier) IMAP mailboxes and/or send emails to/through our (Postfix) SMTP server. These are 2 separate problems that affect FairEmail on a per-account basis, ie, I have 3 email accts set up in my FairEmail, my wife has one acct set up on hers.
Any one of my 3 accts may be the one to start acting up, and once it does, whichever service (IMAP or SMTP), you won't get that service for that acct working right again until you reboot the phone. And eventually both services for each account set up will fail. Same on her phone with only 1 acct set up.
The error msgs in FairEmail especially in IMAP indicate client TLS cert required (because this is how we run our servers, it keeps a lot of riff-raff out). In other words, FairEmail is not sending the client cert, so the IMAP server is refusing the client. The error msgs when trying to send emails (SMTP) aren't immediately obvious to be due to no client cert presented, but the restrictions the errmsgs are about "kick in" because no client cert was presented (you are treated like joe public and we are very, very picky).
It's all about the client certs, which I am storing in the user credentials/cert store on our phones. We've been running this way for years and NEVER seen anything like this until this past week.
Once we start seeing problems with FairEmail IMAP sync or sending emails because of the certs, other issues show up when in the user credentials section of the Security settings such as: can't view the list of user installed certs, it crashes or just returns you back to previous menu. You also won't be able to successfully add another cert or delete one from the user certificates store.
I think what's happening, or something like it, is that the certificate store is getting "jammed up" somehow where FairEmail can't read the cert anymore, and once that happens, that service on that acct stops working. Others on the same phone follow the longer you let it go before rebooting.
This all goes away (for a little while) when you reboot.
EDIT: For clarity/detail, the same client cert is used for IMAP and SMTP client auth from the same phone, one client cert per phone, regardless of how many accts are set up in the email app to use that phone's issued client cert.
Over the last couple weeks we have upgraded from 18.1 -> 19.1 and then 19.1 -> 20.0. Dirty flashed to 19.1, and were mostly happy except some weirdness with rapid charging. This and couple other minor things made me decide that to get to 20.0, I would to back up our apps and contacts etc. with Migrate 4 NG, dirty flash from 19.1 -> 20.0 and then factory reset/wipe data, then restore from Migrate backups with Migrate Flasher.
I've had some interaction with the author of FairEmail but he hasn't changed the SSL/TLS code lately and I am more apt to believe this is a problem with cert store in Android 13 / LOS20 right now.
Just in case anybody else seeing anything similar with user installed certs/credentials.
Again, no google here.
)
