We have an application which we run on a POS terminal, that should receive data from an application running on the same machine, while displaying content from a remote site which is loaded over HTTPS.
To receive the data from the local application, we want to use websockets, which is working fine so far. However, when the site we're displaying is loaded over HTTPS, the websocket connection is required to be encrypted as well.
Because we can't really get a proper certificate for localhost, we're just using a self-signed one. But Chrome won't connect to a websocket that uses a self-signed certificate.
How can we resolve this problem? We can't use an unencrypted websocket, we can't use a self-signed certificate for the encrypted one and we can't get a signed certificate for localhost. What option am I missing?
If you have admin privileges on the POS terminals, how about adding a line to the HOSTS file like:
127.0.0.1 localhost.mycompany.com
Now you can use a real certificate for localhost.mycompany.com in the server application.
Related
I would like to link my Expo(React Native) app to local GraphQL backend,
http://localhost:4000/ <- Works fine
http://192.168.X.X:4000/ <- This doesn't work
I do see the Apollo Studio page, but it comes up with the below message:
Unable to reach server
Network requests from Studio on HTTPS to your HTTP endpoint are not secure,
so we cannot introspect your endpoint.
https://studio.apollographql.com/sandbox/explorer
Apollo Studio has a special exception that allows it to communicate with "localhost" over http, but all other endpoints must be over https.
If you (like me) are running virtual machines on your local machine and need to use Apollo Studio, the only solutions are to make the connection https somehow, or forward a port in your host OS so that you can access it via localhost. How to do THAT depends on your OS.
I've created my own webserver using Node.js ans is using it with my DNS from webhost routed to my raspberry pi at home.
How do I prepare the webserver and all the files for getting an SSL certificate using Let'sencrypt?
I've not made any work prior to getting the SSL other than creating the server to run on localhost. Now it's running on a public ip while using my purchased DNS.
I haven't been able to find any litterature other than the off the shelf webservers like apache and such and I really want to run with my own.
I'm trying to connect to a socket.io inside a Node server from a React client.
Both, the React client and the instance that the Node server is located (it's a microservice, there's also a Java container running there, both within a separated docker container) have https protocols. React client is inside a s3 bucket.
The thing is, Node server is HTTP only, has no certificate, and it's causing the request to the socket.io to fail.
The connection happens without any trouble inside de develop EC2, which is not HTTPS, also running normally with localhost.
Cors are enabled.
Is there a way, without having to turn Node serve into HTTPS, to make this requests not return SSL erros?
If not, what is the easiest way to turn it into a HTTPS server to run along with the Java server?
Thanks a lot!
A very short answer. Try using nginx as WebSocket proxy for you socket.io server.
Here are couple links:
nginx as WebSocket proxy
SSL configuration to make it an https
Socket.io official configuration
I didn't know how to express it in the title, but I'm having an issue with Chrome.
I'm trying to use GetUserMedia() and GetPosition() in Chrome. I know that it requires SSL certification first, unless you're on localhost. The thing is, I can't try my project on my computer, so I must use my smart phone, and in order to access localhost through my smartphone, I must use the machine's IP address (192.168.1.4). The problem is that Chrome doesn't consider this IP address as localhost, so it requires an SSL certificate.
Is there any way I can test my project on my smartphone without having to install an SSL certififcate?
Add your IP address to Chrome's Insecure origins treated as secure setting.
Go to chrome://flags/#unsafely-treat-insecure-origin-as-secure in Chrome.
Find the Insecure origins treated as secure setting.
Enable it.
Enter in http://cntral.me:3000.
Relaunch Chrome.
Voila!
See https://medium.com/#Carmichaelize/enabling-the-microphone-camera-in-chrome-for-local-unsecure-origins-9c90c3149339 for a good walkthrough as well.
You can use a service like https://ngrok.com/ to map a public DNS address with SSL certificate to a port on your local machine.
I assume you're trying to host a Web service on a computer and access it from a smart phone using the hostname localhost.
Two options come to mind:
First, if your smart phone is rooted, you can change /etc/hosts so that the name localhost resolves to 192.168.1.4 instead of to 127.0.0.1.
Second, if you can run an SSH server on your computer, you can set up an SSH client on your phone to forward traffic on some port to another port on a different machine.
For example, in ConnectBot for Android, you can
create a profile for your computer running an SSH server on 192.168.1.4
long-press the profile, and select "Edit port forwards" and then "Add port forward" from the port forwarding menu
configure it to "Local" and then choose a local source port that can be claimed by a non-root user on your phone (say, 8080) and on the bottom line, use localhost:80 (or whatever port the computer is running the service on) to make the SSH server have the forwarding tunnel direct to itself on port 80
This will cause all traffic directed at localhost:8080 on your phone to go to 192.168.1.4:80 on your computer. The browser has no idea that the localhsot:8080 service is actually just an SSH tunnel to 192.168.1.4:80, so it will treat it like any other localhost address.
You can do this without an SSL certificate at all by tunneling the webserver to your phone's localhost.
I use termux to run this command (on the phone itself):
ssh -L 8080:localhost:8080 192.168.0.172
(Leave the ssh session open)
Then go to http://localhost:8080/ on your phone.
If you don't want the session to time out, you can use autossh:
autossh -M 0 -L 8080:localhost:8080 192.168.0.172
Important note: Your development machine (or dev server) needs to be accessible through ssh. For Linux, this can be done by installing open-ssh and enabling/starting the sshd service. You can look up guides for this online.
I have a WorkerRole configured to start node.exe via the Runtime/EntryPoint/ProgramEntryPoint element in the csdef and have a HttpsIn EndPoint configured for https on port 443 w/ a valid certificate. I'm also setting the PORT environment variable in Runtime/Environment which is used by node to listen on for incoming requests.
When I start the service (either in local dev fabric or in Azure) and try to hit the service I get the following error:
SSL connection error
Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
I have verified that node.exe is indeed started when the service starts, and if I look up the local port in the Compute Emulator, usually something like:
http://localhost:444
I am able to successfully hit node directly with that using my browser. I am also able to hit node through Azure when SSL is not configured.
What am I missing? Thanks!
The issue was that I was using the http module instead of the https module when starting the web server in Node. Works once I started the https server using the ssl certificate.
I was following a guide for SSL w/ Node in a WebRole, which requires a different set up than SSL w/ Node in WorkerRole.