Activating HTTPS causes black screen

sdetweil

@nzrunner

And dropped them into a folder that MagicMirror can access

U mean the ~/MagicMirror/ssl folder?
Cause that is what your config said

nzrunner

Yes. I created a folder under MagicMirror called ssl for the certs

karsten13

AFAIK this is not possible in the current release, but in the upcoming v2.12.0.

So you

can wait until 1.7.2020 or
use the develop branch where this is already included or
patch the electron.js as described here

sdetweil

@karsten13 the changelog says it should work

nzrunner

@sdetweil said in Activating HTTPS causes black screen:

@karsten13 the changelog says it should work

I had read the Changelog as well, and noticed the following entry: -

Add HTTPS support and update config.js.sample

@karsten13 I am happy to wait for the v2.12.0 release. 1st July isn’t that far away ;-)

sdetweil

@nzrunner July 1, every 3 months a new release

rafhtl

@sdetweil
Hi Sam
just wanted to tell you that I am using devel and https works fine
BUT
it took me some time to understand this:
in js/electron.js
in line
18
should be
app.commandLine.appendSwitch(“autoplay-policy”, ‘true’);
app.commandLine.appendSwitch(“no-user-gesture-required”, ‘true’);
app.commandLine.appendSwitch(“disable-site-isolation-trials”, ‘true’);
app.commandLine.appendSwitch(“ignore-certificate-errors”, ‘true’);
app.commandLine.appendSwitch(‘allow-insecure-localhost’, ‘true’);

and ofcourse in config also add tls: true
let me know if this turns out to be correct
as soon as I did this it started working
thanks
r

br4tt3

@rafhtl - could you elaborate on the part of the tls: true in the config file? I cant seem to find any reference to that specific config param. I added the changes that you mention in the electron.js file - with the same result as previously, pitch black screen as soon as i am running on https.

checking the “output” from a remote connection (e.g remote control module) it works over htpps - but for the physical screen its pitch black!

thanks!

karsten13

There are 2 use cases for which was https implemented:

serveronly
clientonly

This use case with output from the pi on the screen and accessing the mm url’s with https was never implemented.

The above hack from @rafhtl seems not to work with the current electron version.

You can get it working if you put the following lines under the line with mainWindow = new BrowserWindow(electronOptions); in js/electron.js:

mainWindow.webContents.session.setCertificateVerifyProc((request, callback) => {
    callback(0); //this means trust this domain
})

And electron must use https so you have to change the prefix in the following lines to https in the else section or put tls: true, in the config.js.

I’m interested in this usecase because I see nothing what could be protected with https. Everybody who knows your url e.g. https://192.168.0.33:8080/ has full access to your config calling https://192.168.0.33:8080/config/ and can see all your secrets, so I would never run MM in public without protection.