Jump to content
Vodia PBX forum
chrispopp

Cannot log in using HTTPS

Recommended Posts

Used LetsEncrypt to generate a certificate.

 

We are using port 9443 for https. If I go to my subdomain portal, it works fine, and the connection is established and secure (see pic). But cannot login.

 

Using the same credentials via http/port 80, works fine, and can log in without any problems. I can even change the http to https and port 9443, once loged in, and the session works via https... Why can't I log in using https?

 

 

1C1Nxo8y6e86sPe6b5EtDapGdTCOO0.png

Share this post


Link to post
Share on other sites

Certificates are generated for a specific DNS address. If you go to another address, the web browser will reject the certificate (otherwise everybody could just slap any certificate on any server and pretend to be google.com). You might need a wildcard certificate if you want to have multiple domains on that server, or at least one certificate for each domain.

Share this post


Link to post
Share on other sites

Yes the green lock is on. And working without any errors. The page is displayed correctly, but when i enter the user without the domain or anything, and the password, the page simply refreshes and comes back with the empty fields.

 

Note, that on http, it works fine to log in.

Share this post


Link to post
Share on other sites

Can you please tell us what version of the PBX are you running? Because the encryption connection is 1.0 there and we have switched to TLS 1.2. At least that will rule out anything new we have done so that the problem can be narrowed with the version number of the PBX.

Share this post


Link to post
Share on other sites

Further further testing, i am able to log-in correctly using the full username: 9999@sub.domain.com and the password.

 

I think the problem is withing the welcome.js which I cannot modify:

// Redirect to secure login?
    if (session.secure && window.location.protocol !== 'https:') {
      var l = 'https://' + window.location.hostname + ":" + session.secure + window.location.pathname + window.location.hash;
      window.location = l;
      return;
    }

Share this post


Link to post
Share on other sites

You mean the window.location.hostname there? Or the general idea that users should use a secure transport layer? You can also edit the welcome js, just create a html folder in the working directory, put the content of the welcome.js there and you can happily edit it right there.

Share this post


Link to post
Share on other sites

Well but how otherwise would you redirect a user to the http login page? Keep in mind that this is optional, and make most sense when you have a valid certificate installed.

Share this post


Link to post
Share on other sites

I just tried that over here on our domain, it works here. Not sure where the problem is. Maybe you can open a ticket and include a username, password and hostname where we can try this out.

Share this post


Link to post
Share on other sites

Found out what the problem is.... The login only works on port 443. I was using port 8843 for https, since my port 443 was taken up by a different device.

 

I temporarily changed it to 443 and the log-in works correctly.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...