Web Terminal gives warning "Your connection is not private" #1
Comments
shermand100
added
bug
|
One of the first things I did after the PiNode-XMR installation was complete was to install libnss-mdns and its dependencies to be able to access the node at pinodexmr.local from any device in my local network (btw, that's something you might want to add as a default feature) |
|
@dalecooper This is great info thank you. The web development side is definitely a weakness of mind (hence the use of the template for the UI). So it appears for Raspbian users a lot of these dependencies are installed as standard, or have come packaged with other dependencies.
By default users can already access the index of the PiNodeXMR UI with http://pinodexmr.local avahi-daemon is then easily configured by changing This is a very good start and so easy, thank you. I wouldn't have known without you pointing this out. I'm trying to avoid installing more dependencies. So I've taken a look at "mkcert". It seems to want Go and then to compile mkcert. Although it probably won't take long to download, install and compile I'd like to avoid these steps from extending an already lengthy core install script. I'm experimenting with the already installed I'm able to generate certs, I know where I've stored them. Last step is to link shellinabox to them. |
Yes, indeed I'm running Armbian and Avahi not installed by default.
Gotcha
I know close to nothing about how SSL certificates work, but one thing I know is that with all the solutions I've tried over the years (including basic openssl) I had self-signed certificates which the browsers were not happy with. mkcert solved this but I have no idea how it does this. As far as I know Let's Encrypt can't work as they can't validate a certificate on a local only domain. On another note, I've already checked a bit the template, I'm probably able to help with that, but for now as I said I don't have much spare time :) I'll see what I can do ASAP! Also, I've found a solution to run a virtual Raspberry Pi with qemu, but it's a Pi1 so it's unusable for our purpose. I remember seeing in the install script that Ubuntu is a possible host, with Raspbian and Armbian but there's no mention of it the docs. Is it just a planned feature for now ? Oh I guess I should just give it a quick try EDIT : just read a little more about mkcert, and "mkcert automatically creates and installs a local CA in the system root store, and generates locally-trusted certificates" so I guess it will only work for HTTPS queries on the same machine unfortunately. And that makes sense. Not sure it's even possible to solve the issue with a PiNode-XMR-side only solution... |
|
I managed to get my head into this issue a coupe of months back when playing with the SSL certs for the monero-lws addition and am still of the opinion that there is no PiNode-XMR side only fix to this. I won't close this issue as it still persists but I don't see a fix anytime soon. |
This is because the terminal doesn't have an SSL certificate, and there is no easy way around this.
I'm aware it's not pretty, I would like it fixed but currently there's no solution I'm aware of
The text was updated successfully, but these errors were encountered: