Read the statement by Michael Teeuw here.
How to run as "https"?
-
As a slightly more easy to deal with version, you can just add
var server = require("http").Server(app); if(config.useHttps){ var options = { key: fs.readFileSync(path.join(config.httpCertPath, "key.pem")), cert: fs.readFileSync(path.join(config.httpCertPath, "cert.pem")) } server = require("https").Server(options, app); } var io = require("socket.io")(server);
in the same server.js file right under the
var Server = function(config, callback) {
line.
In your config.js, you can modify it to bevar config = { useHttps: true, httpCertPath: "ABSOLUTE_PATH", }
and then you can switch back and forth if you need.
-
I did this but when i want try to access https://ipaddress:8080 “ERR_SSL_VERSION_OR_CIPHER_MISMATCH” is returned in the google browser. Do you know the solution for this problem?
-
@Lorenz
Could you post your server.js file so we can just make sure there aren’t many spelling mistakes?- The first thing that you should do is make sure that the path you supplied to the key and cert is correct. This error can arise if you are not pointing to the correct files.
- Second, you can try to remake the cert and key and see if there was just some error the first time.
- Third, I would try to figure out if the SSL version is correct. I’m not especially sure how this works, but when I ran into this issue once, somebody had said that the TLS version was incorrect.
- Last, I would just try to reinstall openSSL and generate a new key.
-
It worked! thanks for the support :) but i have another question is it possible to use a signed certificate because now when i go to the magic mirror page i receive “your connection is not private”.
-
@Lorenz
In order to get a signed certificate, you need to go through a CA or certificate authority. Most of the time, magic mirrors are run on localhost and therefore cannot get a signed certificate so you just have to trust the IP on your browser and deal with the fact that it is not “trusted”.
If you do happen to have a domain lying around, you can get a signed certificate for that and then use it to have a trusted website, but that’s a bunch of work and usually not worth it. If you do decide to go that route, there are a couple of places to sign certificates for free and I would suggest a quick google search to find them. -
Thank you for the information! I have a PWA to control the magic mirror but a PWA is always https. So my http requests are not allowed but for my PWA i used let’s encrypt for a free certificate. Is it possible to make a wildcart cetficate for my PWA and use the same for the magic mirror?
-
I’m not familiar with how a PWA works so I’m not quite sure what you are asking here. Are you saying that you have a PWA running that has a valid ssl encryption and you want to send requests from the PWA to your magic mirror, but they are being blocked due to mixed content policies?
What happens when you request to the magic mirror that is using the unsigned certificate?
A wildcard certificate handles subdomains so if you wanted to use the same certificate you would need to point a subdomain to your magic mirror.