Unable to access Domoticz from apps when x509 client auth is active

Post Reply
anderslange
Posts: 3
Joined: Tuesday 04 April 2017 20:04
Target OS: -
Domoticz version:
Contact:

Unable to access Domoticz from apps when x509 client auth is active

Post by anderslange » Wednesday 19 April 2017 22:00

Hi guys

I'm running Domoticz, MyDomoAtHome gateway and an nginx reverse proxy server on a Raspberry Pi 3.

I've successfully setup the nginx proxy with a self-signed server certificate, configured port forwarding of port 80 and 443 in my router, and using freedns to map my dynamic public IP to a DNS name.

As long as I doesn't enable x509 client authentication, I can connect remotely to both the MyDomoAtHome setup site and the Domoticz Web UI, as well as connect to my Domoticz server through both the Domoticz and ImperiHome apps on my Android phone (Samsung S7).

But as soon as I enable x509 client authentication, I can't get the Domoticz nor the ImperiHome app to connect any more! Access through a webbrowser (Chrome) work just fine (as long as I have the Client certificate installed)!

I don't have any authentication requirements on the Domoticz server, since the x509 client auth on the nginx proxy should be more than adequate...

But I simply can't figure out why I can't get the Domoticz or ImperiHome apps to connect, when I activate x509 client auth on the nginx proxy server.

gordonb3
Posts: 560
Joined: Friday 22 January 2016 11:15
Target OS: Linux
Domoticz version: custom
Location: The Netherlands
Contact:

Re: Unable to access Domoticz from apps when x509 client auth is active

Post by gordonb3 » Wednesday 19 April 2017 22:31

Most likely your certificate path is incorrect and these apps can't find the corresponding root certificate to verify the x509 client cert.
Excito B3 running Gentoo Linux, P1, Rfxtrx433 to read and control TFA, KaKu, EvoHome RFG100
Custom patched Domoticz v3.8000

Damsee
Posts: 9
Joined: Thursday 20 April 2017 1:17
Target OS: Raspberry Pi
Domoticz version: 3.8153
Location: France
Contact:

Re: Unable to access Domoticz from apps when x509 client auth is active

Post by Damsee » Thursday 20 April 2017 1:20

Can't remember where i read this but i think both apps can not use x509 authentication method.

I forget those apps for that reason and i'm using direct connection to my domoticz website with my S7 too (after installing/importing the x509 certificate on your device and perform right settings for port forwarding on your router).

Hope thats helps :)
RPI3 Raspbian Stretch + Domoticz v3.8153 stable + RFXtrx433E + Z-Stick Gen5 + Amazon Echo (habridge)
x5 THGN810 / x5 ZMNHJD1 / x2 Flood sensor FGFS101 / x1 Smoke sensor FGSD002
x1 ZMNHAD1 / x2 FGS213 / x2 Wallplug FGWPE/F / NodOn Soft remote CRC-3-6-0

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest