See here: https://github.com/openwisp/docker-openwisp/blob/master/docs/ENV.md#ssl_cert_mode It seems there's a way to turn HTTPS off entirely.
F. On Tue, 4 Apr 2023 at 14:46, François Noah <[email protected]> wrote: > thanks for yours awnsers, it will help me. > my instance of wifi-login-pages and openwisp docker run on the same > computer . my question is which cetificate is checkeed by wifi-login-page > ?where is it stored. > i created a self signed certificate linked to my ip 192.168.1.157 > (build.lab) adn i saved it to /etc/ssl/cert and /ect/ssl/private (for > private key) > do you have any idea where i have to save my certificate ? > > regards > > François NOAH > > Le mar. 4 avr. 2023 à 19:52, Federico Capoano <[email protected]> a > écrit : > >> I never ran into this issue when testing locally. I think it's because >> docker-openwisp is not meant for testing locally and it pushes you to use >> HTTPS, for which you do not have a valid certificate and for that reason >> nodeJS complains when used through wifi-login-pages. >> >> To test wifi-login-pages >> <https://github.com/openwisp/openwisp-wifi-login-pages> locally I have >> my dev org YAML file which points to a local development instance of >> openwisp-radius <https://github.com/openwisp/openwisp-radius/> (also >> running on HTTP) and I run: >> >> yarn setup >> yarn start >> >> Instructions for running openwisp-radius for development are here: >> https://openwisp-radius.readthedocs.io/en/latest/developer/setup.html#installing-for-development >> We use the same setup in the CI to run browser based tests: >> https://github.com/openwisp/openwisp-wifi-login-pages/blob/master/.github/workflows/ci.yml#L79-L116 >> . >> >> Alternatively, if you need to continue using docker-openwisp for >> freeradius and openwisp-radius, I think you would need to change the code >> of the server side part of openwisp-wifi-login-pages to ignore the SSL >> warning: >> >> https://stackoverflow.com/questions/51363855/how-to-configure-axios-to-use-ssl-certificate >> >> I hope this helps! >> >> Best regards >> Federico Capoano >> >> On Tue, 4 Apr 2023 at 13:38, François Noah <[email protected]> wrote: >> >>> it is not for production , i need to test it on my computer. >>> i created a self signed certificate and >>> i store certificate on my computer and on my docker container ( i use >>> openwisp-docker) >>> but i still have the same error >>> >>> eap eap-irecycle { >>> default_eap_type = ttls >>> timer_expire = 60 >>> ignore_unknown_eap_types = no >>> cisco_accounting_username_bug = no >>> max_sessions = ${max_requests} >>> >>> tls-config tls-common { >>> # make sure to have a valid SSL certificate for production usage >>> private_key_password = whatever >>> private_key_file = /etc/ssl/private/example.key >>> certificate_file = /etc/ssl/certs/example.pem >>> ca_file = /etc/ssl/certs/example.crt >>> dh_file = ${certdir}/dh >>> ca_path = ${cadir} >>> cipher_list = "DEFAULT" >>> cipher_server_preference = no >>> ecdh_curve = "prime256v1" >>> >>> cache { >>> enable = no >>> } >>> >>> ocsp { >>> enable = no >>> override_cert_url = yes >>> url = "http://127.0.0.1/ocsp/"; >>> } >>> } >>> >>> ttls { >>> tls = tls-common >>> default_eap_type = pap >>> copy_request_to_tunnel = yes >>> use_tunneled_reply = yes >>> virtual_server = "inner-tunnel_irecycle" >>> } >>> } >>> >>> Le mardi 4 avril 2023 à 16:33:57 UTC+2, f.capoano a écrit : >>> >>>> This is the error: *Error: self signed certificate.* >>>> >>>> For production usage you need a valid SSL certificate. >>>> >>>> Best regards >>>> Federico >>>> >>>> >>>> On Tue, 4 Apr 2023 at 08:57, François Noah <[email protected]> wrote: >>>> >>>>> hello, >>>>> i'am trying to use openwisp-wifi-login-pages but i get zrror below >>>>> >>>>> [ >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> *ERROR 2023-04-04 13:30:39:3039] {[0] error: Error: self signed >>>>> certificate[0] at TLSSocket.onConnectSecure >>>>> (node:_tls_wrap:1530:34)[0] at TLSSocket.emit >>>>> (node:events:520:28)[0] >>>>> at TLSSocket.emit (node:domain:475:12)[0] at >>>>> TLSSocket._finishInit (node:_tls_wrap:944:8)[0] at >>>>> TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12) {[0] code: >>>>> 'DEPTH_ZERO_SELF_SIGNED_CERT',[0] config: {[0] transitional: >>>>> [Object],[0] adapter: [Function: httpAdapter],[0] >>>>> transformRequest: [Array],[0] transformResponse: [Array],[0] >>>>> timeout: 2000,[0] xsrfCookieName: 'XSRF-TOKEN',[0] >>>>> xsrfHeaderName: 'X-XSRF-TOKEN',[0] maxContentLength: -1,[0] >>>>> maxBodyLength: -1,[0] validateStatus: [Function: validateStatus],[0] >>>>> headers: [Object],[0] method: 'post',[0] url: >>>>> 'http://api.build.lab/api/v1/radius/organization/default/account/ >>>>> <http://api.build.lab/api/v1/radius/organization/default/account/>',[0] >>>>> data: >>>>> '{"email":"[email protected]","username":"[email protected]","password1":"azerty","password2":"azerty"}'[0] >>>>> },* >>>>> >>>>> registrration works when a use api >>>>> https://api.build.lab/api/v1/radius/organization/default/account/ >>>>> >>>>> I want to know which certificate is used by openwisp-wifi-login-pages >>>>> ? is it a bug ? anyone know how i can solve it ? >>>>> >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "OpenWISP" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> To view this discussion on the web, visit >>>>> https://groups.google.com/d/msgid/openwisp/7aaa8eed-d857-4c50-81e0-cecee6f1e4c0n%40googlegroups.com >>>>> <https://groups.google.com/d/msgid/openwisp/7aaa8eed-d857-4c50-81e0-cecee6f1e4c0n%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> >>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "OpenWISP" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web, visit >>> https://groups.google.com/d/msgid/openwisp/b5b1c018-de0d-4d23-8a67-1d0d7ad4ab27n%40googlegroups.com >>> <https://groups.google.com/d/msgid/openwisp/b5b1c018-de0d-4d23-8a67-1d0d7ad4ab27n%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "OpenWISP" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web, visit >> https://groups.google.com/d/msgid/openwisp/CAAGgX6%2BfZ1R5%2BD4CtiR69TA1nt6QxExXo%3DvfcoaB_92GipH2%2BQ%40mail.gmail.com >> <https://groups.google.com/d/msgid/openwisp/CAAGgX6%2BfZ1R5%2BD4CtiR69TA1nt6QxExXo%3DvfcoaB_92GipH2%2BQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > -- > You received this message because you are subscribed to the Google Groups > "OpenWISP" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web, visit > https://groups.google.com/d/msgid/openwisp/CAG1jYSsuz2Cdxd5swvnzRn30OO66MSrNviXxoHtmiE0Gcb%2BnGw%40mail.gmail.com > <https://groups.google.com/d/msgid/openwisp/CAG1jYSsuz2Cdxd5swvnzRn30OO66MSrNviXxoHtmiE0Gcb%2BnGw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "OpenWISP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web, visit https://groups.google.com/d/msgid/openwisp/CAAGgX6L6L66At82VU3XS8GPeFnq%2BRGS3YD%3D4_NWM3jseTOk_-g%40mail.gmail.com.
