June 19, 2017 at 8:44 am #46840
When I’m at home I can connect to OpenSprinkler without problems, using browser or Android App. All connections are directly to OpenSprinkler itself.
Looking from the outside of my home network, I have nginx reverse proxy that accepts only HTTPS traffic, and OpenSprinkler access is protected at nginx level with HTTP auth (user name and password).
When I use web browser away from home, I get first prompted by nginx to enter user name/password, and then redirected to OpenSprinkler that asks for its own password. All as expected. And desired.
Unfortunately, using Android App, I can’t get through. I tried using DNS name, raw IP address, port and no port, checking SSL, checking Auth (I get to enter nginx user name and password, but I don’t know if they are triggered by nginx itself or by App in preparation for nginx asking for it). I pretty much tried any permutation of parameters. No matter what I get error message saying check your IP address and/or port. Needles to say, I checked them, and rechecked them. If they were wrong web browser wouldn’t work either.
Is App even supposed to work in this scenario? Seems so, given the available parameters.
App Version: 1.6.0
Hardware: 2.3 DCJune 27, 2017 at 3:16 pm #46932
Same problem here using nginx SSL proxy. Works in browser, but doesn’t work in app.
SSL certificate is valid, but from letsencrypt, might this be the problem?
App Version: 1.6.0
Firmware: current masterJuly 13, 2017 at 5:51 am #47102July 13, 2017 at 9:41 am #47105
Good suggestion. I will have to see how to do that in nginx. I will also have to switch to letsencrypt instead of doing self-signed.July 15, 2017 at 3:10 pm #47132
@predrag: Just point to the fullchain.pem instead of the cert.pem. That’s it for nginx.
BestJuly 15, 2017 at 5:59 pm #47133
You were right. Once certificate file contains full chain of authorities, OpenSprinkler App works. There should’ve been an error shown instead of just silently failing. But that may be an Android issue, not an App issue.
While there, changed over all my proxied servers from self-signed to letsencrypt certificates. It was overdue. Thanks.July 16, 2017 at 9:57 pm #47150
The app does not really know the rejection was due to SSL. The Cordova nature results in it just knowing the network failed (due to CORS and HTML5 security).
Sent from my iPhone using Tapatalk
You must be logged in to reply to this topic.