SSL certificate for web services do not taking effect

If you have a trouble or a bug — please, write about it in this forum
 Reply
User avatar
Lenny Lorens Mon Jul 16, 2018 2:56 pm
Hi Again,

Another small issue i noticed that when you trying to load SSL , saves and then restarts all that settings are gone when you go to that section. Also there is no information if clients are actually using ssl to communicate to server as this is perhaps only for web wersion not mobile clients for example.
Would be handy to use Let's encrypt option as saves lots of hassle. So the question is are those certificates
being used for only web session or it is being used for other end clients too?

I am enclosing screen shots - hopefully will be useful.

Thanks for any advice.

Lenny
Attachments
No ssl.jpg
Gone after restart.
No ssl.jpg (66.79 KiB) Viewed 4434 times
SSL.jpg
SSL added
SSL.jpg (81.91 KiB) Viewed 4434 times
User avatar
Andrey Rakov Mon Jul 16, 2018 4:52 pm
Hello.

Such encryption is used on the WEB server for the WEB chat, Admin Panel, Kanban board and forum only.

Encryption for Android and Windows applications is included in the “Settings” section – “Network settings”.

On the second image we see that you added the same key file to the “public key” and “private key” field.
Do you have the private key file (mychat_ghostweeb_com.key)?

There is no automatic key generation with the help of “Let’s encrypt” yet, but you can create it manually:
1) Download the leXX.zip generator from https://github.com/do-know/Crypt-LE/releases

2) Launch the application from the archive with the following parameters:
Code: Select all
le32.exe --key account.key --csr mydomain.csr --csr-key mydomain.key --crt mydomain.crt --domains "YOUR_DOMAIN_NAME" --path "C:/Program Files (x86)/MyChat Server/node/server/www/lobby/.well-known/acme-challenge" --generate-missing --unlink --live
3) You will get the set of certificate files next to the le32.exe
4) Add "mydomain.key" and "mydomain.crt" certificates to the WEB server settings
5) Restart the WEB server

Read more about key generator https://zerossl.com/usage.html
User avatar
Lenny Lorens Mon Jul 16, 2018 6:23 pm
Thank you for a very quick response. Really appreciate it.

I do have a key as well as used startool for CSR request where key has been generated.
Tried that already and still does not ley me connect using https. Still it works on http

address: http://mychat.ghostweeb.com:443

but no luck with https option.

No need to use let's encrypt as have purchased ssl . It was a suggestion perhaps for implementation like in Thirdlane Connect PBX.

Enclosing screenshots

Thank you for help.

Lenny
Attachments
Http.jpg
Http.jpg (174.96 KiB) Viewed 4422 times
Web services after restart.jpg
Web services after restart.jpg (298.55 KiB) Viewed 4422 times
SLL with Key.jpg
SLL with Key.jpg (103.22 KiB) Viewed 4422 times
User avatar
Andrey Rakov Mon Jul 16, 2018 7:10 pm
Please, show me the protocol from "Tools" - "Protocols" - "Protocol type" - "NodeJS".

Start from the last record "============= START NODE.JS ==============".
User avatar
Lenny Lorens Wed Jul 18, 2018 4:56 pm
Hi,

Sorry for a delay - had been busy unfortunately.

I am enclosing extract in attachment.

Regards:

Lenny.
Attachments
(40.6 KiB) Downloaded 256 times
User avatar
Andrey Rakov Wed Jul 18, 2018 5:11 pm
Hello.

Yuor sertificate files has "password", there is warning from the log:
Code: Select all
PEM routines:PEM_READ_BIO_PRIVATEKEY:bad password read

I will add the field for this passphrase to the control panel interface and give you a new build for testing.
User avatar
Lenny Lorens Thu Jul 19, 2018 8:29 pm
Excellent,

All in perfect shape now. Thank you so much.

Does it mean that for updates I would need to contact you every time to obtain custom server version with ssl key tab?

Regards:

Lenny
User avatar
Alexey Pikurov Fri Jul 20, 2018 12:22 pm
Great, this update will be included to the new version and you don't need the custom build of the server.
 Reply
Return to Bugs and problems