Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Bad valid certificate check result for countries without business rules

See original GitHub issue

Avoid duplicates

Technical details

  • Device name: Samsung Galaxy A5 (2017) SM-A520F
  • OS version: 8.0.0
  • First reported on App version: CovPass App 1.72.6
  • Review as not yet fixed on App version: CovPass App 1.138.6

Describe the bug

If a validity check is carried out on a certificate for a country for which there are no Business Rules available then the result always returns “valid” even if the certificate is for an incomplete 1/2 vaccination series.

Steps to reproduce the issue

  1. In CovPass App with no other certificates stored, tap on “+”
  2. Tap Scan QR code
  3. Scan in a 1/2 vaccination certificate
  4. Note the result “Not fully vaccinated 1 of 2”
  5. Tap back arrow
  6. Tap “Check validity >” with default country “Germany” selected, screen shows:
Vaccination certificate
Invalid in this country
  1. Select country “Italy” screen shows
Vaccination certificate

(It would have been helpful to have been able to provide screenshots from CovPass App to illustrate the issue. Screenshots are however blocked by the CovPass App Android, but apparently they are not blocked by CovPass App iOS.)

Expected behavior

  • A certificate should never be listed as valid if there are no Business Rules to check against.
  • Especially an incomplete 1/2 vaccination certificate cannot be shown as valid for another country.

Possible Fix

Align result to Corona-Warn-App version 2.8 which shows the result “Your certificate could not be validated” if there are no Business Rules available.

Additional context

See also CWA 2.8 announcement

"In addition, the project team has adapted the EU certificate check. If a country has not provided any entry rules that the Corona-Warn-App can use for checking, the certificate check will state that the certificate cannot be validated. The countries that are listed under the certificate check in the Corona-Warn-App generally recognize the certificates. However, depending on the country and the applicable rules, the relevant certificate (on its own) may not authorize entry.

Previously, the app indicated in this case that the certificate is valid in the selected country. In the text below, however, it was pointed out that there are currently no entry rules available for the selected country. With version 2.8, users can clearly see that the certificate’s validity could not be checked because the relevant country has not defined any entry rules."

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Reactions:2
  • Comments:6 (1 by maintainers)

github_iconTop GitHub Comments

jleufgencommented, Sep 3, 2021

Hi, thanks for the feedback, will be fixed with one of the next releases. Best regards!

MikeMcC399commented, Sep 1, 2021

So I hope the comment from @jleufgen in

… we will change the indicator for countries that do not provide valid rules to validate not to show “valid” but “unclear”. It is planned for one of the next releases. "

also applies to Android,

Read more comments on GitHub >

github_iconTop Results From Across the Web

[Business Rules Validation]Certificate validated as eligible for ...
[Business Rules Validation]Certificate validated as eligible for travelling despite Country of Arrival has no business rules in PROD #678.
Read more >
Publication 5165 (Rev. 10-2022) - IRS
No Business rules will be applied to the submission, and if the error is found in the Manifest, the submission (XML archive) will...
Read more >
How to check if a company is legitimate - Creditsafe
You can check a Company is legit in a number of ways : Check their website, check official sources or run a company...
Read more >
Brazil Travel Advice & Safety - Smartraveller
It's important to regularly check the rules in the destinations you're ... of the country in which the traveller was immunised are valid....
Read more >
C# Ignore certificate errors? - Stack Overflow
Add a certificate validation handler. Returning true will allow ignoring the validation error: ServicePointManager .
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found