Jump to content
Vodia PBX forum
chrispopp

Cannot log in using HTTPS

Recommended Posts

Used LetsEncrypt to generate a certificate.

 

We are using port 9443 for https. If I go to my subdomain portal, it works fine, and the connection is established and secure (see pic). But cannot login.

 

Using the same credentials via http/port 80, works fine, and can log in without any problems. I can even change the http to https and port 9443, once loged in, and the session works via https... Why can't I log in using https?

 

 

1C1Nxo8y6e86sPe6b5EtDapGdTCOO0.png

Share this post


Link to post
Share on other sites

Certificates are generated for a specific DNS address. If you go to another address, the web browser will reject the certificate (otherwise everybody could just slap any certificate on any server and pretend to be google.com). You might need a wildcard certificate if you want to have multiple domains on that server, or at least one certificate for each domain.

Share this post


Link to post
Share on other sites

It's for a simple subdomain. Not for the whole server. The certificate works fine, and the page seems fine. Just that I cannot login via THAT subdomain.

Share this post


Link to post
Share on other sites

This should work. Don't log in with the user@domain, just the user. Do you see a green lock? Actually what version is this?

Share this post


Link to post
Share on other sites

Yes the green lock is on. And working without any errors. The page is displayed correctly, but when i enter the user without the domain or anything, and the password, the page simply refreshes and comes back with the empty fields.

 

Note, that on http, it works fine to log in.

Share this post


Link to post
Share on other sites

Can you please tell us what version of the PBX are you running? Because the encryption connection is 1.0 there and we have switched to TLS 1.2. At least that will rule out anything new we have done so that the problem can be narrowed with the version number of the PBX.

Share this post


Link to post
Share on other sites

Further further testing, i am able to log-in correctly using the full username: 9999@sub.domain.com and the password.

 

I think the problem is withing the welcome.js which I cannot modify:

// Redirect to secure login?
    if (session.secure && window.location.protocol !== 'https:') {
      var l = 'https://' + window.location.hostname + ":" + session.secure + window.location.pathname + window.location.hash;
      window.location = l;
      return;
    }

Share this post


Link to post
Share on other sites

You mean the window.location.hostname there? Or the general idea that users should use a secure transport layer? You can also edit the welcome js, just create a html folder in the working directory, put the content of the welcome.js there and you can happily edit it right there.

Share this post


Link to post
Share on other sites

I think the problem is due to the redirect. Instead of logging in, it simply refreshes the page.

 

Am I really the only one having this issue?

Share this post


Link to post
Share on other sites

Well but how otherwise would you redirect a user to the http login page? Keep in mind that this is optional, and make most sense when you have a valid certificate installed.

Share this post


Link to post
Share on other sites

It is a valid certificate... So I am assuming that user cannot log-in unless they use the whole domain such as 333@domain.xyz.com... which is a pity.

Share this post


Link to post
Share on other sites

I just tried that over here on our domain, it works here. Not sure where the problem is. Maybe you can open a ticket and include a username, password and hostname where we can try this out.

Share this post


Link to post
Share on other sites

Found out what the problem is.... The login only works on port 443. I was using port 8843 for https, since my port 443 was taken up by a different device.

 

I temporarily changed it to 443 and the log-in works correctly.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×