TransmissionRemote icon indicating copy to clipboard operation
TransmissionRemote copied to clipboard
verified publisher icon y-polek

Apache SSL Proxy Issues

Open peterberbec opened this issue 7 years ago • 5 comments

I'm having problems with my apache reverse proxy for Transmission and the app. Is the a debug mode/logging enable I can get so I can figure out the problem between my phone and computer? I'm sure it's some configuration problem but I have little to go on from you application. BTW, thanks for such a great program!

peterberbec avatar Mar 24 '18 08:03 peterberbec

@peterberbec Currently, there is no such debug mode in the app. Can you provide instructions how to setup reverse proxy environment like yours? It will help resolve this issue.

y-polek avatar Mar 24 '18 10:03 y-polek

Certainly.

Setup transmission on a machine on a specific port. I used 192.168.0.12:9091

Get a SSL cert of some sort. Install apache and use the following config:

<VirtualHost *:80>
        ServerName proxy-seedbox.example.com
        # <rewrite="HTTP -> HTTPS">
        RewriteEngine On
        RewriteCond %{HTTPS} !=on
        RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [R,L]
        # </rewrite>
</VirtualHost>
<VirtualHost *:443>
        ServerName proxy-seedbox.example.com
        SSLEngine on
        SSLProxyEngine on
        ProxyRequests on
        ProxyVia on
        ProxyPass / http://192.168.0.12:9091/
        ProxyPassReverse / http://192.168.0.12:9091/
        ErrorLog ${APACHE_LOG_DIR}/seedbox.https.error.log
        CustomLog ${APACHE_LOG_DIR}/seedbox.https.access.log combined
        SSLCertificateFile /etc/ssl/seedbox/fullchain.cer
        SSLCertificateKeyFile /etc/ssl/seedbox.key
</VirtualHost>

This works to view the webui from Firefox, Chrome and Edge, but the connection fails from the Android app. I thought it might be some strange SSL setting, but I the problem occurs weather I use special ciphers or not.

The error in my Apache log isn't very helpful, even with LogLevel Debug

[Sat Mar 24 14:05:20.491610 2018] [ssl:info] [pid 42] [client 123.45.67.89:31337] AH01998: Connection closed to child 1 with abortive shutdown (server proxy-seedbox.example.com:443)1

peterberbec avatar Mar 24 '18 18:03 peterberbec

Whoops, clicked the wrong button. Apologies.

peterberbec avatar Mar 24 '18 18:03 peterberbec

Unfortunately, I cannot reproduce the problem using your configuration. However, in latest versions, I have rewritten network layer of the application (moved from Robospice/HttpClient to Retrofit/OkHttp). You can try version 0.9.13 (not yet released as some beta testers reported connection issue), APK is available on release page: https://github.com/y-polek/TransmissionRemote/releases/tag/0.9.13

Also, try to enter different ports (in my case application connects to a server with your proxy configuration if I enter 443 or leave Port field empty). And don't forget to select "https" protocol and check "Trust self signed SSL certificates" if you use self-signed one.

y-polek avatar May 13 '18 15:05 y-polek

The new version now has error text that may be helpful:

<p><u>https:// example.com:443/transmission/rpc</u></p><ul><li>Handshake failed</li><li>SSL handshake terminated: ssl=0x7be8aa5c40: Failure in SSL library, usually a protocol error
error:1000042e:SSL routines:OPENSSL_internal:TLSV1_ALERT_PROTOCOL_VERSION (external/boringssl/src/ssl/s3_pkt.c:610 0x7bec6705e0:0x00000001)</li></ul>

peterberbec avatar Dec 10 '18 04:12 peterberbec