openhab-core icon indicating copy to clipboard operation
openhab-core copied to clipboard

Published 20 hours ago verified publisher icon openhab

REST endpoint to get Jetty‘s TLS certificate

Open florian-h05 opened this issue 11 months ago • 3 comments

This is a feature request to add a REST endpoint, where Jetty‘s TLS certificate can be retrieved.

This would allow the UI to provide the user a simple and convenient way to download the TLS certificate in use by openHAB, which is most likely is a self-signed certificate, and have the user install it onto their system to use HTTPS for access to openHAB and get rid of the self-signed cert warnings of the browser.

florian-h05 avatar Mar 05 '24 09:03 florian-h05

This issue has been mentioned on openHAB Community. There might be relevant details there:

https://community.openhab.org/t/feedback-on-installing-openhab-with-latest-versions/154238/26

openhab-bot avatar Mar 05 '24 09:03 openhab-bot

cf. https://github.com/openhab/openhab-core/pull/2905

J-N-K avatar Jul 13 '24 20:07 J-N-K

To be fair it's different to #2905 which allowed to change the certificate.

Retrieving it is actually pretty easy - for instance in Firefox:

image

And after clicking "View Certificate":

image

For Chromium-based browsers:

image

After clicking the "Certificate is not valid" option (which changes if it does become valid), there is an "Export" button:

image

You might even use the commandline:

$ openssl s_client -showcerts -connect <server>:8443

ghys avatar Jul 14 '24 02:07 ghys