FAQ

👑 For administrators

Configuration of users’ devices

Make sure you’re using the latest version of Olvid

Upgrading to the latest version of Olvid allows you to benefit from the latest features and bug fixes, and to maintain optimum compatibility with the maximum number of devices and users, as well as with the backup of your profiles.

iPhone iPad


Latest version: 3.9 - 2025-07-07

Android


Latest version: 3.8.1 (build 274) - 2025-07-28

Mac


Latest version: 3.9 - 2025-07-07

Windows


Latest version: 2.6.0 - 2025-09-10

Silent installation of Olvid for Windows.

Linux


Latest version: 2.6.0 - 2025-09-10

Connectivity

Connection to our servers

You can use our Connection test to test the ability of your device to connect to the servers required for mobile and desktop applications.

Intervention of third-party applications or hardware

Some applications or hardware that filter network connections may prevent Olvid from working properly, such as:

Configuring or deactivating them, or even uninstalling them, will confirm whether this solves the problem.

Internet connectivity

Here’s how to ensure that your devices are freely connected to the Internet, without any specific network restrictions or third-party applications interfering with normal Olvid operation.

iPhone iPad

Apple Support

Android

Android Help

Manage advanced network settings on your Android phone.

For network administrators

Contact your network administrator or Internet service provider, providing them with the following information.

Servers required for mobile and desktop applications

Other servers

  • Apple and Google push notification servers for iOS and Android mobile apps.

  • No specific server for the desktop version. Notifications go through the WebSocket on ws-server.olvid.io.

  • iCloud and Google Drive servers for iOS and Android Olvid profiles backups.

  • web.olvid.io, TCP:443 (HTTPS) for Olvid Web with an Android.
    • Elastic load balancer with an internal AWS DNS.
  • When sharing a link, a request to the site involved can be made to retrieve a preview.

Keycloak server hosted on premise

  • server.olvid.io, TCP:443 (HTTPS)
    • Cloudfront distribution on API Gateway, IPv4 only for now.
    • REST API where only the https://server.olvid.io/keycloakQuery point is called, in POST.

Configuring Olvid via the Settings Generator

You can use the Ovid Settings Generator to configure, replicate, manage, update and share an Olvid settings environment with your Olvid users.

This generator lets you generate a simple Settings Link and its QR Code to share with your users, that they simply click or scan to have the Olvid app on their device automatically configured as you recommend.

  1. Access the Settings Generator.

  2. Make your selections.

    A Configuration link and its QR code are updated automatically (top right).

  3. Share this Configuration link or its QR code with your users.
  4. After clicking the link or scanning the QR code, Olvid automatically opens on the user’s device, giving them the choice of accepting or rejecting the settings.

Each user and administrator can study the settings of the link proposed to them.

  1. Access the Settings Generator.

  2. Click on Import settings (top right).

    A pop-up opens.

  3. Paste here the Configuration link to import, and click Import or Cancel.

    The link’s settings are updated and displayed on the web page.

  4. Modify or not the choices, according to your preferences.

Deploying and configuring Olvid via an MDM

Like any app in the stores, Olvid can be deployed and configured via an MDM (a mobile device management app).

Silent installation of Olvid for Windows

To silently install Olvid for Windows, run the command:

msiexec /i Olvid-2.6.0.msi INSTALLDIR="C:\Program Files\Olvid\" /passive /qn /norestart

Adding an internal certificate to the trusted CAs of Olvid for Windows & Linux

Olvid for Windows & Linux comes with its own set of trusted root CAs and does not rely on the computer’s trusted certificates. If Olvid needs to connect to a server exposing a certificate signed by an internal CA (typically a proxy with SSL/TLS inspection, or the Keycloak user directory), this internal CA must be added to the application’s keystore.

You may detect such a certificate is missing if the Olvid logs contain warnings of the kind:

javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

The Olvid keystore is located in the file runtime/lib/security/cacerts inside the Olvid installation directory. If using the default installation path, this is:

  • for Windows: C:\Program Files\Olvid\runtime\lib\security\cacerts
  • for Linux: /opt/olvid/lib/runtime/lib/security/cacerts

Adding an internal certificate can be done following these steps:

  1. Prepare your certificate in PEM or DER format in a file named my_ca.pem or my_ca.der. If needed, you can convert between both formats using a command like: 
    > openssl x509 -in my_ca.pem out my_ca.der -outform der
  2. Locate the keytool utility inside the Olvid installation folder:
    • for Windows: C:\Program Files\Olvid\runtime\bin\keytool
    • for Linux: /opt/olvid/lib/runtime/bin/keytool
  3. Check that the keytool command can properly read the certificate: 
    > keytool -printcert -file my_ca.pem
  4. Import the certificate into the keystore using keytool: 
    > keytool -importcert -alias "My CA" -storepass changeit -file my_ca.pem -keystore <path to the cacerts file>
    • changeit is the default password for the JVM keystore, no need to actually change it 😁.
    • when prompted whether to trust the certificate, enter yes.
  5. Check that the CA was properly added by listing all certificates in the keystore: 
    > keytool -list -storepass changeit -keystore <path to the cacerts file>