chrispopp Posted February 6, 2017 Report Share Posted February 6, 2017 Used LetsEncrypt to generate a certificate. We are using port 9443 for https. If I go to my subdomain portal, it works fine, and the connection is established and secure (see pic). But cannot login. Using the same credentials via http/port 80, works fine, and can log in without any problems. I can even change the http to https and port 9443, once loged in, and the session works via https... Why can't I log in using https? Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted February 6, 2017 Report Share Posted February 6, 2017 Certificates are generated for a specific DNS address. If you go to another address, the web browser will reject the certificate (otherwise everybody could just slap any certificate on any server and pretend to be google.com). You might need a wildcard certificate if you want to have multiple domains on that server, or at least one certificate for each domain. Quote Link to comment Share on other sites More sharing options...
chrispopp Posted February 6, 2017 Author Report Share Posted February 6, 2017 It's for a simple subdomain. Not for the whole server. The certificate works fine, and the page seems fine. Just that I cannot login via THAT subdomain. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted February 6, 2017 Report Share Posted February 6, 2017 So you are navigating to https://that.subdomain? Not to https://12.23.34.45 right? The browser might have a problem redirecting to another domain, that is what happens when you log in through the main portal and then the PBX figures out that you actually want to log in to a domain. Quote Link to comment Share on other sites More sharing options...
chrispopp Posted February 6, 2017 Author Report Share Posted February 6, 2017 I go to https://subdomain.maindomain.com...and not the IP. I simply want to log as a regular user, not admin. Don't see why there would be a redirect... Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted February 7, 2017 Report Share Posted February 7, 2017 This should work. Don't log in with the user@domain, just the user. Do you see a green lock? Actually what version is this? Quote Link to comment Share on other sites More sharing options...
chrispopp Posted February 7, 2017 Author Report Share Posted February 7, 2017 Yes the green lock is on. And working without any errors. The page is displayed correctly, but when i enter the user without the domain or anything, and the password, the page simply refreshes and comes back with the empty fields. Note, that on http, it works fine to log in. Quote Link to comment Share on other sites More sharing options...
Vodia Telephone System Posted February 8, 2017 Report Share Posted February 8, 2017 Can you please tell us what version of the PBX are you running? Because the encryption connection is 1.0 there and we have switched to TLS 1.2. At least that will rule out anything new we have done so that the problem can be narrowed with the version number of the PBX. Quote Link to comment Share on other sites More sharing options...
chrispopp Posted February 8, 2017 Author Report Share Posted February 8, 2017 Testing with version 56.0 Thank you. Quote Link to comment Share on other sites More sharing options...
chrispopp Posted February 9, 2017 Author Report Share Posted February 9, 2017 Were you able to replicate the issue? Quote Link to comment Share on other sites More sharing options...
chrispopp Posted February 13, 2017 Author Report Share Posted February 13, 2017 Bump Quote Link to comment Share on other sites More sharing options...
chrispopp Posted February 13, 2017 Author Report Share Posted February 13, 2017 So further testing shows that i can log-in using the admin accounts, but domain admin and user portal don't work. Quote Link to comment Share on other sites More sharing options...
chrispopp Posted February 13, 2017 Author Report Share Posted February 13, 2017 Further further testing, i am able to log-in correctly using the full username: 9999@sub.domain.com and the password. I think the problem is withing the welcome.js which I cannot modify: // Redirect to secure login? if (session.secure && window.location.protocol !== 'https:') { var l = 'https://' + window.location.hostname + ":" + session.secure + window.location.pathname + window.location.hash; window.location = l; return; } Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted February 14, 2017 Report Share Posted February 14, 2017 You mean the window.location.hostname there? Or the general idea that users should use a secure transport layer? You can also edit the welcome js, just create a html folder in the working directory, put the content of the welcome.js there and you can happily edit it right there. Quote Link to comment Share on other sites More sharing options...
chrispopp Posted February 14, 2017 Author Report Share Posted February 14, 2017 I think the problem is due to the redirect. Instead of logging in, it simply refreshes the page. Am I really the only one having this issue? Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted February 15, 2017 Report Share Posted February 15, 2017 Well but how otherwise would you redirect a user to the http login page? Keep in mind that this is optional, and make most sense when you have a valid certificate installed. Quote Link to comment Share on other sites More sharing options...
chrispopp Posted February 15, 2017 Author Report Share Posted February 15, 2017 It is a valid certificate... So I am assuming that user cannot log-in unless they use the whole domain such as 333@domain.xyz.com... which is a pity. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted February 15, 2017 Report Share Posted February 15, 2017 I just tried that over here on our domain, it works here. Not sure where the problem is. Maybe you can open a ticket and include a username, password and hostname where we can try this out. Quote Link to comment Share on other sites More sharing options...
chrispopp Posted March 1, 2017 Author Report Share Posted March 1, 2017 Found out what the problem is.... The login only works on port 443. I was using port 8843 for https, since my port 443 was taken up by a different device. I temporarily changed it to 443 and the log-in works correctly. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted March 1, 2017 Report Share Posted March 1, 2017 Yea that is actually a common problem. Thanks for sharing that with us. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.