iGotify-Notification-Assistent icon indicating copy to clipboard operation
iGotify-Notification-Assistent copied to clipboard
verified publisher icon androidseb25

[BUG] unable to connect iGotify app with Gotify server when using https with self-signed certificates

Open FantaExotic opened this issue 9 months ago • 1 comments

Can the issue be reproduced with the latest available release? (y/n) y (v2.6.1)

Which one is the environment gotify server is running in?

  • [ ] Docker
  • [x] Linux machine
  • [ ] Windows machine
Docker startup command or config file here (please mask sensitive information)
# Example configuration file for the server.
# Save it to `config.yml` when edited

server:
  keepaliveperiodseconds: 0 # 0 = use Go default (15s); -1 = disable keepalive; set the interval in which keepalive packets will be sent. Only change this value if you know what you are doing.
  listenaddr: "" # the address to bind on, leave empty to bind on all addresses. Prefix with "unix:" to create a unix socket. Example: "unix:/tmp/gotify.sock".
  port: 80 # the port the HTTP server will listen on

  ssl:
    enabled: true # if https should be enabled
    redirecttohttps: true # redirect to https if site is accessed by http
    listenaddr: "" # the address to bind on, leave empty to bind on all addresses. Prefix with "unix:" to create a unix socket. Example: "unix:/tmp/gotify.sock".
    port: 443 # the https port
    certfile: cert/server2.crt # the cert file (leave empty when using letsencrypt)
    certkey: cert/server2.key # the cert key (leave empty when using letsencrypt)
    letsencrypt:
      enabled: false # if the certificate should be requested from letsencrypt
      accepttos: false # if you accept the tos from letsencrypt
      cache: data/certs # the directory of the cache from letsencrypt
      hosts: # the hosts for which letsencrypt should request certificates
#      - mydomain.tld
#      - myotherdomain.tld

  responseheaders: # response headers are added to every response (default: none)
#    X-Custom-Header: "custom value"
#
  trustedproxies: # IPs or IP ranges of trusted proxies. Used to obtain the remote ip via the X-Forwarded-For header. (configure 127.0.0.1 to trust sockets)
#   - 127.0.0.1/32
#   - ::1

  cors: # Sets cors headers only when needed and provides support for multiple allowed origins. Overrides Access-Control-* Headers in response headers.
    alloworigins:
#      - ".+.example.com"
#      - "otherdomain.com"
    allowmethods:
#      - "GET"
#      - "POST"
    allowheaders:
#      - "Authorization"
#      - "content-type"
  stream:
    pingperiodseconds: 45 # the interval in which websocket pings will be sent. Only change this value if you know what you are doing.
    allowedorigins: # allowed origins for websocket connections (same origin is always allowed)
#      - ".+.example.com"
#      - "otherdomain.com"

database: # for database see (configure database section)
  dialect: sqlite3
  connection: data/gotify.db

defaultuser: # on database creation, gotify creates an admin user
  name: admin # the username of the default user
  pass: admin # the password of the default user
passstrength: 10 # the bcrypt password strength (higher = better but also slower)
uploadedimagesdir: data/images # the directory for storing uploaded images
pluginsdir: data/plugins # the directory where plugin resides
registration: false # enable registrations

Do you have an reverse proxy installed in front of gotify server? (Please select None if the problem can be reproduced without the presense of a reverse proxy)

  • [x] None
  • [ ] Nginx
  • [ ] Apache
  • [ ] Caddy
Reverse proxy configuration (please mask sensitive information)

On which client do you experience problems? (Select as many as you can see)

  • [ ] WebUI
  • [ ] gotify-cli
  • [ ] Android Client
  • [ ] 3rd-party API call (Please include your code)
  • [x] iGotify app for iOS
  • [x] Gotify server

What did you do? I started the gotify server on my linux machine with this command: sudo ./gotify-linux-amd64 Then i connected with my iGotify App to the Gotify server with these settings: https local instance http://192.168.178.20/ port 9091 The app was unable to connect and I received this error message in the server logs: "http TLS handshake error from 10.0.2.2:59853: EOF" I was able to access to server via the browser, but also there I received this error message "http: TLS handshake error from 10.0.2.2:59855: remote error: tls: unknown certificate" Do I need to connect my certificate to a CA? Be aware im only running this on home network, so I dont need any domain URL since I use the hardcoded ip & port address, but without it I cant request a certificate from a CA like Lets encrypt.
So if I need a certificate from a CA, what alternatives do I have? Request this certificate and configure the domain parameters etc. on my local domain server?

What did you expect to see? I expect to see a successful connection from my iGotify app to my Gotify server

What did you see instead? (Include screenshots, android logcat/request dumps if possible) see above error messages when connecting from my iGotify app to my Gotify server

Smartphone (please complete the following information):

  • Device: [e.g. iPhoneX]
  • OS: [e.g. iOS 16.7.10]
  • Version of iGotify [e.g. 1.4.2]

Additional context Add any other context about the problem here.

FantaExotic avatar Mar 01 '25 17:03 FantaExotic

please do the same think like i written in issue #140 thank you

androidseb25 avatar Mar 04 '25 12:03 androidseb25