Self-hosted sync server iOS AnkiMobile error 9836


first off, I’m aware that the self-hosted sync server (see https[://]docs.ankiweb[.]net/sync-server.html#client-setup) “is an advanced feature [and] the expectation is you can resolve any setup/network/firewall issues you run into yourself […]”. I don’t expect help but if anyone has any ideas, would appreciate them.

My setup:

  • Standalone sync server built with cargo on cloud VM behind nginx reverse proxy from Github tag 2.1.66. For the nginx config I used mostly the one in the Readme file here https[://]github[.]com/ankicommunity/anki-sync-server/blob/develop/ from another older project, as I was having issues when I first tested it with Caddy.
  • Anki Desktop 2.1.66 on my Linux notebook.
  • AnkiMobile 2.0.96 on iOS 17.

Syncing works just fine from and to my notebook. I can also observe the log files of the anki-sync-server and nginx and can see the requests all go through without any errors even for large media library. However my issue is that syncing does not work at all with AnkiMobile.

This is the error:

I tried several things:

  • Run server with only IPv4, only IPv6 and dual-stack IPv4/IPv6.
  • Connect iOS device through home network, and through different VPN connections to business, school, commercial “privacy” VPN network.
  • Power-cycle iOS device.
  • Specify port 443 in AnkiMobile settings, and not specify it.
  • Use slash / at the end or URL in AnkiMobile settings, and no slash.

Also some observations:

  • I can reach the server just fine from the iOS device through Safari and third-party browsers from the App Store, in all scenarios that I tested, so regardless of IP version or VPN usage.
  • The error message appears regardless of valid user credential input or random input.
  • There are no log messages in any access logs of nginx or the sync server when trying to use AnkiMobile.

That appears to be an issue with your SSL setup, such as a self-signed certificate. I imagine if you point to http://anki_server instead of https://proxy_server, it works? If so, you’ll need to figure out what’s wrong with the reverse proxy setup, perhaps starting by surfing to it in Safari.

1 Like

Appreciate the idea. I will give that a try today. The certificate should be perfectly valid, as I have a standard ACME setup running and the hostname is in public DNS. And as I stated, connecting to it from Safari on the iOS device works fine. It returns 404 error with successful TLS connection and I can see the query in access logs, just nothing when using the AnkiMobile app.

Yesterday evening I did a last additional test with an Android phone where I installed the latest version of the third-party software AnkiDroid. It worked great with the server and synced even the big media library in no speed. So generally that looks great when it comes to the performance of the self-hosted sync server so far (at least if you want to use it just for yourself, as I am planning to).

I will temporarily disable the firewall in front of the sync server later today and try to reach it directly from the AnkiMobile app on the iOS device and the report back. Thanks Damien! Your software is with me now since 2012 when I was studying for my high-school-level graduation exam that is mandatory here and I never stopped using it.

1 Like

Finally found the issue from this post: TLS 1.3 connection fail | Apple Developer Forums so it seems like probably AnkiMobile uses deprecated ˋCFHTTPStreamˋ or similar somewhere and because I got the TLS part of my nginx config from the Mozilla SSL config generator with „modern“ settings, this error occurred.

Good news: Desktop version of Anki and AnkiDroid support TLS 1.3 fine. And all versions play nicely with IPv6-only servers in general :blush: Hopefully this thread will help someone else in the future who might run into this. Thanks everyone!

1 Like

Thanks for the info - the problem is we rely on Apple’s SecureTransport on iOS, and that doesn’t support TLS 1.3. I’ll update the docs to mention this.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.