openclaw android app | Friends of the Crustacean 🦞🤝 | Page 1

runic bane May 11, 2026, 2:37 PM

#

I want to connect to the openclaw android app.

It has a scan QR code to get the token and url, but the thing is that I'm exposing my claw with nginx-proxy manager.

When specifying my claw url.

claw.example.com
port 443

so it's https I'm getting "protocol mismatch"

grave helmBOT May 11, 2026, 2:38 PM

#

That error usually means one side is speaking normal HTTPS while the app/Gateway is expecting a WebSocket.

For Android, the public endpoint needs to be WebSocket over TLS: wss://claw.example.com on port 443 — not https://claw.example.com as the Gateway URL. If the app UI splits fields, use:

host: claw.example.com
port: 443
TLS / secure: on

In Nginx Proxy Manager, make sure the proxy host forwards to the OpenClaw gateway as plain HTTP/WebSocket internally, usually:

Forward hostname/IP: your OpenClaw machine/container
Forward port: 18789
Scheme: http (not https, unless you separately put TLS on the backend)
Websockets Support: enabled

If you generate a QR/setup code, generate it with the external WS URL, e.g.:

#

openclaw qr --url wss://claw.example.com

Then after scanning, approve the pairing request:

openclaw devices list
openclaw devices approve <requestId>

Docs: https://docs.openclaw.ai/platforms/android and https://docs.openclaw.ai/cli/qr

Also, quick sanity check: what does openclaw --version show? Version mismatch can make mobile pairing errors confusing.

runic bane May 11, 2026, 2:42 PM

#

I'm still getting the same and the "resolved endpoint" says "https://claw.example.com" not wss://

ping@bashbitch:~$ openclaw --version
OpenClaw 2026.5.10-beta.1 (a6f8087)

grave helmBOT May 11, 2026, 2:43 PM

#

Good catch — the Resolved endpoint showing https://... is actually expected UI behavior in that Android build. I checked the Android code: it parses wss:///https:// as tls = true, displays it as https://..., then the actual socket connect is built as wss://host:port internally. So that display alone is not the failure.

If you’re still getting “protocol mismatch”, I’d look at Nginx Proxy Manager next. The most common bad combo is NPM forwarding to the OpenClaw gateway as HTTPS when the gateway is plain HTTP/WebSocket.

In NPM, the proxy host should be roughly:

Domain: claw.example.com
Scheme to backend: http
Forward host: your OpenClaw host/container IP
Forward port: 18789
Websockets Support: enabled
SSL tab: Let’s Encrypt cert enabled for the public side

Then generate/enter the external endpoint as:

#

openclaw qr --url wss://claw.example.com:443

or manually: host claw.example.com, port 443, TLS on.

Quick test from another machine would be:

curl -i https://claw.example.com/

If that returns an Nginx “protocol mismatch”/502-ish page, NPM is forwarding wrong. If it reaches OpenClaw auth/dashboard-ish output, the proxy is at least talking to the gateway.

Also worth checking the gateway logs while you try connecting:

#

openclaw logs --follow

If you paste the exact NPM Proxy Host settings — redact secrets, but include Scheme/Forward Host/Port/Websocket/SSL options — I can sanity-check it.

runic bane May 11, 2026, 2:47 PM

#

May 11 14:46:34 bashbitch node[1055816]: 2026-05-11T14:46:34.844+00:00 [ws] protocol mismatch conn=4988b877-eea2-49a0-bbbb-5249fe2307d7 remote=10.146.6.1 client=Pixel 9 Pro ui v2026.4.5
May 11 14:46:34 bashbitch node[1055816]: 2026-05-11T14:46:34.861+00:00 [ws] closed before connect conn=4988b877-eea2-49a0-bbbb-5249fe2307d7 peer=10.146.6.1:43052->10.146.6.130:18789 remote=10.146.6.1 fwd=172.25.0.1 origin=n/a host=claw.vhost.harre.dynv6.net ua=okhttp/5.3.2 code=1000 reason=bye

The traffic seems to come to claw

grave helmBOT May 11, 2026, 2:47 PM

#

Yep, traffic is reaching OpenClaw correctly. This log is not an Nginx/TLS protocol mismatch anymore — it’s the OpenClaw gateway rejecting the Android client protocol version.

The giveaway is:

client=Pixel 9 Pro ui v2026.4.5

Your gateway is 2026.5.10-beta.1, but the Android UI/client is 2026.4.5. The gateway checks the client’s minProtocol/maxProtocol during the WebSocket handshake and closes with protocol mismatch if the app’s supported protocol range doesn’t overlap.

Fix: update/rebuild/reinstall the Android app from the same/current OpenClaw version as the gateway, ideally 2026.5.10-beta.1 or newer. After updating the app, try the same wss://claw.vhost.harre.dynv6.net:443 endpoint again.

So: proxy looks like it’s doing its job; the Android app is just too old for that gateway. 🦞

runic bane May 11, 2026, 2:48 PM

#

Where can I get beta android app?

grave helmBOT May 11, 2026, 2:48 PM

#

I don’t think there’s a public beta APK/Play beta link right now. The docs say the Android app is not publicly released yet and needs to be built from source.

Build from the repo:

git clone https://github.com/openclaw/openclaw
cd openclaw/apps/android
./gradlew :app:assemblePlayDebug

Then install the generated debug APK, or with USB debugging enabled:

./gradlew :app:installPlayDebug

Docs: https://docs.openclaw.ai/platforms/android

#openclaw android app