OpenSprinkler Forums OpenSprinkler Mobile and Web App Using stunnel to encrypt http traffic… will that break phone apps?

  • This topic has 1 reply, 2 voices, and was last updated 5 years ago by Axel.
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #42442

    Shorebird
    Participant

    Hello,

    It appears that inbound http traffic to OpenSprinkler hardware is unencrypted.

    In the past, with various IoT devices, I’ve added SSL/TLS encryption using stunnel (or similar) in addition to port forwarding for http through an OpenWRT router. This allows better security than port forwarding with unencrypted web traffic and passwords flowing inbound into your local network while also not requiring any modifications to the IoT device.

    While I expect this will work just fine for direct inbound web access I am less sure that it will work with the OpenSprinkler mobile apps. So are those apps capable of using https for connections?

    Or have I missed something and there is some other mechanism for security being used?

    Thanks in advance.

    #43472

    Axel
    Participant

    I would also like to know this. I have an OSPI running nginx doing HTTPS proxy. It works ok if I use a web browser to access OSPI from outside my network. However, it does not work with the Android native client version 1.4.11. Traffic is reaching OSPI (verified with tcpdump) but the mobile app can’t connect.

    EDIT: issue fixed, my certificate chain was incomplete, which made it work with Chrome but not with OpenSprinkler for Android 1.4.11. Now I have TLS working fine.

    I highly recommend this site:
    https://www.ssllabs.com/ssltest/index.html

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.

OpenSprinkler Forums OpenSprinkler Mobile and Web App Using stunnel to encrypt http traffic… will that break phone apps?