I have mattermost installed in my local server, currently login to it using http://192.168.x.x:8065, and I've setup a ddns port forwarding for it, means that I can login to mattermost using http://xxx.ddns.net:8065 as well.
Now I'm going to install https SSL for it, I tried using self-signed certificate, it seems work fine when I login from my desktop (chrome, firefox, desktop app).
But when it comes to iPhone native app, my mattermost will trigger error message:
Please check connection, Mattermost unreachable. If issue
persists, ask administrator to check WebSocket port.
and now all the messages coming to mattermost will not be shown and no notification at all until we manually refresh the app.
Is there any suggestion on overcoming this issue? Is it because iPhone tried to block any untrusted / self-signed certificate?
Thank you.
Best regards,
Kong
You are correct that the iPhone does not trust your self-signed certificate out of the box. An easier way to get this working would be to get a free SSL certificate for xxx.ddns.net using a service like Let's Encrypt, which will be trusted out-of-the-box by your iPhone.
This is especially straightforward to do with Mattermost, as it has built in support for using a Let's Encrypt certificate. You can configure this by following the steps in the documentation here
Related
I'm using google firebase Messaging for push notifications of my website.
my website doesn't have a domain. Its using HTTPS with self-signed certificate.
as i realized service worker needs HTTPS with valid SSL certificate. witch isn't available for sites without domain.
in some of other push notification services there is an option for HTTP websites that it opens a new window with a sub domain and notifications will be received from there.
is there any free option in any site that provides such future?
or
is there another option for me to pass invalid SSL error when enabling service worker?
btw: i'm aware about browsers flags for allowing self-signed certificate. i'm not gonna use that because i have some users now.
my frontend is a angular cli app running with nginx on a ubuntu server.
Recently we have configured SSL to open WSS on our RESTCOMM server, as we got the issue of "getUserMedia()" deprecation issue because of insecure origin issue by chromium fix.
We managed to get WSS working and we can open RESTCOM Admin portal via HTTPs over 8443 port and even OLYMPUS is working too.
But because we have configured a SSL on RESTCOM Server i think even the REST Client API calls need to be on HTTPS too. Am icorrect?
Becuase when we use the HTTP based URLs for programmatically adding clients by invoking REST Client APIs of RESTCOMM, then we are getting SSl certificate issues and the reason for this i think is that we have configured SSL cert to address the getUserMedia() security issue by CHROMIUM fix.
can i request any solution or work around for this pls.
thanks in advance
ias
The new version of google chrome doesn't allow using webcam without https :
getUserMedia() no longer works on insecure origins. To use this
feature, you should consider switching your application to a secure
origin, such as HTTPS. See https://goo.gl/rStTGz for more details.
So I need a free ssl certificate (or cheap ssl certificate) for my web application. Openssl doesn't suit me because browsers display warning message when the ssl certificate is self-signed.
An idea ?
Thank you in advance.
use https://letsencrypt.org/ to get a free valid ssl certificate recognized by your mobile phone and by your web browser
I use cloudflare.com Origin Certificate. It is pretty good.
I want to retrieve JSON files from a secure server using WebClient but my Windows Phone 8 doesn't let me as WebCLient throws an exception if it doesn't trust the SSL certificate.
The problem is that it doesn't trust most of them; Internet Explorer shows me a warning, which I can ignore by adding the certificate, but WebClient doesn't let me do that, it just blocks most of SSL sites - for example:
https://google.com
https://www.digicert.com
With HTTP everything works fine; My iPhone and Android apps are working perfectly with the service.
Is there any way to fix this or bypass SSL checking altogether?
Check your phone's time. If the system time/date is way off SSL will break. This is common on all platforms.
It is not possible to bypass SSL checking.
I have a WP7 app that communicates with the back-end via a WCF service.
A customer has asked if the app can be made more secure by communicating via an ISA server using Open SSL.
The ISA server would be public facing with the IIS Server hosting the WCF service behind a firewall. I will have to load the public cert onto the phone and have read that this can be achieved by emailing the cert then running the attachment.
I'm not clued up on ISA, Open SSL or certificates and am hoping someone can tell me if this is possible or not.
Any ideas?
Edit
I'm hoping for a little about how to configure the WCF proxy on the phone.
You need the the Root CA of the cert on the phone. You can do this a couple of ways. The simplest would be to email it to the phone as an attachement (p7b format). On the phone simply open the attachement and the phone will prompt you to install the cert (p7b). This will install the cert into the cerificate store. A good way to test if it is working right is to hit an HTTPS web URL in IE from the phone, if you dont get any security prompts about an untrusted cert it is working correctly.
You will need to have your SSL terminate at the ISA/UAG box. This would have the server cert set up on it and use it to secure the SSL channel for the web app.
More information on configuring publishing with UAG (next gen of ISA) is here: http://technet.microsoft.com/en-us/library/ee406221.aspx