cv4pve-admin
cv4pve-admin copied to clipboard
Corsinvest
No HTTPS for CV4PVE-ADMIN
The URL for CV4PVE-ADMIN can only be HTTP? HTTPS will not work. I can not use CV4PVE-ADMIN in a Live Business Environment if only HTTP is used to reach the URL for CV4PVE-ADMIN.
There also No Option to Turn OFF HTTP and Turn ON HTTPS or just use HTTPS completely.
When you try the URL with HTTPS, you will Receive the Error: Secure Connection Failed An error occurred during a connection to 192.168.1.143:5000. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. Learn more…
I did also try Editing the the File appsettings.json and change "urls": "http://0.0.0.0:5000", to "urls": "https://0.0.0.0:5000", however the Page will not come up.
This is a Great Tool however I can not use this in the Live Business Environment with the URL being HTTP due to the fact that anyone could SNIFF the Username and Password to the Tool since HTTP is Non Encrypted.
Thanks, Kenneth
hi, thank you for your interest. Let's check how to resolve your request.
best reagrds
I was Referring to the Request that I made about HTTPS when I started this Post 5 Days Ago.
Hello @kenrmayfield, our development team is working on it, we will update you in this issue.
Best Regards,
I was wondering if Creating a NGINX SSL for Docker would Work?
I wanted to see what you think?
I was wondering if there is something in the Code I Manipulated below is missing something or it will not work?
I have Manipulated the Code Below with Steps:
Step 1: Create Directory
Create a directory with the name "docker_ssl_proxy" to store the NGINX Configuration file and the certificate and key
$ mkdir docker_ssl_proxy
Step 2: Change Directory to docker_ssl_proxy NOTE: You must be under this directory before executing the following steps (Commands).
Step 2.a: Use Signed Certificates NOTE: If you have Certificates you can simply copy the following 2 files to the Current Directory key.pem cert.pem
Step 2.b Create the Self-Signed Certificates (If needed)
Use OpenSSL to create a Self-Signed Certificate, following command will create a Self-Signed Certificate and a Private Key with a Validity of 365 days.
$ openssl req -subj '/CN=localhost' -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365
Step 3: Find your container IP address 3.1: Find your Container ID.
$ docker ps NOTE: It will list all the processes that are running and find out your Container Id.
3.2 Find IP Address
To find the container IP address from the Host, you can run the command NOTE: (Container-ID): replace this with the value that you get from Step 3.1
$ docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' (Contrainer-ID)
NOTE: The response of the above command will be an IP address
Step 4: Create the NGINX configuration file
In the same directory (docker_ssl_proxy), create a Configuration File that will Proxy All the Traffic to your upstream server. The upstream server is the application server running a non-SSL connection. The SSL will be using NGINX, and all the traffic will be Proxied to the Host (using the IP Address that you got in Step 3.2)
The Configuration File, which in this example is called "proxy_ssl.conf," but can have any name as long as it ends in .conf. Example file: proxy_ssl.conf NOTE: 5000 is the Port for CV4PVE-ADMIN. The only thing you need to replace in this file is the Container IP Address. This file simply instructs NginX to listen, with SSL and the correct Certs and Keys, on port 443 and to proxy all the requests to the Host on port 5000.
The File must have the following Contents below:
server { listen 443; ssl on; ssl_certificate /etc/nginx/conf.d/cert.pem; ssl_certificate_key /etc/nginx/conf.d/key.pem; location / { proxy_pass http://(Container IP):5000; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } }
NOTE: This file simply instructs NginX to listen, with SSL and the correct Certs and Keys, on port 443 and to Proxy All the Requests to the Host on port 5000
Step 5: Run the Docker Container
At this point, we have all the Configuration in place to Proxy the Traffic; we simply need to run the Docker Container with the following command.
$ docker run --name nginx_proxy -d -v pwd:/etc/nginx/conf.d -p 443:443 nginx
NOTE: 5000 is the Port for CV4PVE-ADMIN If you face issues, try to replace PWD in the command above with the Full Directory Path for "docker_ssl_proxy", where you have Config and Cert files.
$docker run --name nginx_proxy -d -v (yourdirectory):/etc/nginx/conf.d -p 443:443 nginx
@matteocv Frank,
On my Previous Posting........what did you think about the Code to try to get HTTPS to work?
As far as Docker Compose...........It will be the same Problem.........still No HTTPS. Even if you use a Container, that does not change the Protocol.
hi, I didn't enable Forwarded. In the next release we will come up with an example for Nginx
best reagrds
see https://github.com/Corsinvest/cv4pve-admin/tree/main/src/Docker/Nginx/ReverseProxy
@matteocv
Frank,
I Sent you and Matteo a Email asking a Question about the Reverse Proxy.
@franklupo @matteocv
Still having a Problem getting HTTPS to work?
I tried: https://github.com/Corsinvest/cv4pve-admin/tree/main/src/Docker/Nginx/ReverseProxy
@franklupo @matteocv
Still having a Problem getting HTTPS to work?
I tried: https://github.com/Corsinvest/cv4pve-admin/tree/main/src/Docker/Nginx/ReverseProxy
@franklupo @matteocv
Still having a Problem getting HTTPS to work?
I tried: https://github.com/Corsinvest/cv4pve-admin/tree/main/src/Docker/Nginx/ReverseProxy
Set up a SWAG reverse proxy, HTTPS over port 5000. SSL all setup fine. Errors suggest the backend docker for CV4PVE seems to be incompatible with running in HTTPS in some manner.
Seeing in browser console:
Uncaught (in promise) WebSocket is not in the OPEN state
[2023-10-24T17:50:53.720Z] Error: System.Threading.Tasks.TaskCanceledException: A task was canceled.
at Microsoft.JSInterop.JSRuntime.InvokeAsync[TValue](Int64 targetInstanceId, String identifier, Object[] args)
at Microsoft.JSInterop.JSRuntimeExtensions.InvokeVoidAsync(IJSRuntime jsRuntime, String identifier, Object[] args)
at Microsoft.AspNetCore.Components.Server.Circuits.RemoteNavigationManager.<>c__DisplayClass13_0.<<NavigateToCore>g__PerformNavigationAsync|0>d.MoveNext()
Seeing in docker logs:
[ERR] Navigation failed when changing the location to /login?key=d3f0d667-c2c7-4e7e-8676-REDACTED
