2016-03-30 - Re: [GRASE-Hotspot] Can portal be secure? https

Header Data

From: Henry Terkura Swende <he***e@gmail.com>
Message Hash: 36fdecd9a9ca779616e46246476b83c9418e8ca170e7b2613de977fb5d1d97ec
Message ID: <CAHoMbheXBO32XKG2PCEiZ51uPpeX4ionu18ya8hRAgugzx09dw@mail.gmail.com>
Reply To: <CAESLx0Ky4+AxESAZNf=LhKf+vTovLrsQ2wc3XRPvY4Y3psiE0A@mail.gmail.com>
UTC Datetime: 2016-03-30 13:51:01 UTC
Raw Date: Wed, 30 Mar 2016 21:51:01 +0100

Raw message 

I'm kinda confused here guys kindly help me out? Why would I need SSL when
the portal is already secured. I mean what's the advantage of using SSL
instead of the JavaScript enabled security in grase?
On Mar 30, 2016 9:25 PM, "Timothy White" <ti***8@gmail.com> wrote:

> Thats great news Sebastian!
>
> Can you do a short writeup on the Wiki for that?
> https://github.com/GraseHotspot/grase-www-portal/wiki
>
> Regards
>
> Tim
>
> On Thu, Mar 31, 2016 at 12:18 AM, Sebastian Schneider <
> se***r@gmail.com> wrote:
>
>> Hi Tim,
>> thanks for that idea. It was obvious but I didn't think about it.
>> The problem was mixed content, so http traffic in a https session.
>> jqchilli.js call:
>> var urlRoot = 'http://' + chilliController.host + ':' + chilliController.
>> port + '/json/'; // TODO make this dynamic
>> in line 38.
>> In line 22 and 23 I changed to host var to my DNS Hostname (fitting to
>> the cert) and changed to port to 4990.
>> In my /etc/chilli/config I added:
>> HS_UAMUISSL=on
>> HS_REDIRSSL=on
>> HS_SSLKEYFILE= /path/to/private_key
>> HS_SSLCERTFILE=/path/to/cert
>>
>> The hosts file of the Controller resolves the CN Name of the cert to
>> 10.1.0.1
>>
>> Now I have SSL enabled, without any errors.
>>
>> Regards
>>
>> Se
>>
>> Am Dienstag, 29. März 2016 13:05:34 UTC+2 schrieb timwhite88:
>>>
>>> Hi Sebastian
>>>
>>> Off the top of my head, I'm not sure what the problem is. Try using the
>>> browser developer tools to see any error messages you can see.
>>>
>>> Feel free to open an issue for it and when I get a chance I'll have a
>>> poke as well.
>>>
>>> Regards
>>>
>>> Tim
>>>
>>> On Tue, Mar 29, 2016 at 8:26 PM, Sebastian Schneider <
>>> se***.@gmail.com> wrote:
>>>
>>>> Hi Karotu, hi Tim,
>>>>
>>>> with the risk of annoying everyone, I tried to enable SSL yesterday, as
>>>> I did before with coova. The CHAP mechanism FAILS when SSL is enabled. In
>>>> any case, that shouldn't be the normal, right?
>>>> I do have a valid CA signed Certificate (startssl, soon letsencrypt)
>>>> and my grasehotspot is resolving my address via a local hosts entry. So
>>>> internally(connected via hotspot) it's resolving to my controller,
>>>> public(not connected via my controller) it's resolving to my website.
>>>>
>>>> So apache and everything is running fine, no warnings, no nothing. But
>>>> I have to use the "non-secure" variant of the captive portal (non JS
>>>> version, non CHAP version) to login successfully, when using HTTPS.
>>>> I had a look in the ChilliLibrary.js but without any luck.
>>>>
>>>> Any ideas from your side?
>>>>
>>>> Best
>>>>
>>>> Sebastian
>>>>
>>>>
>>>>
>>>> Am Sonntag, 9. März 2014 21:43:34 UTC+1 schrieb karotu:
>>>>>
>>>>> Hi,
>>>>>
>>>>> Is it possible to make login secure with https?
>>>>>
>>>>> Thanks.
>>>>>
>>>>> Karotu
>>>>>
>>>>> --
>>>>> ----------------------------------
>>>>> Karotu Tannang
>>>>> Nauoi IT Services
>>>>> Behind BOK, Betio / PO Box 46, Bairiki
>>>>> Tarawa, KIRIBATI
>>>>> Mobile: +686 94038
>>>>> Like Us on Facebook: http://www.facebook.com/nauoionline
>>>>>
>>>>>
>>>>> --
>>>> This mailing list is for the Grase Hotspot Project
>>>> http://grasehotspot.org
>>>> ---
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Grase Hotspot" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to gr***.@grasehotspot.org.
>>>> To post to this group, send email to gr***.@grasehotspot.org.
>>>> Visit this group at
>>>> https://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/73b262da-42ff-451f-b538-96550a7a706b%40grasehotspot.org
>>>> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/73b262da-42ff-451f-b538-96550a7a706b%40grasehotspot.org?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>>
>>> --
>> This mailing list is for the Grase Hotspot Project
>> http://grasehotspot.org
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "Grase Hotspot" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to gr***e@grasehotspot.org.
>> To post to this group, send email to gr***t@grasehotspot.org.
>> Visit this group at
>> https://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
>> To view this discussion on the web visit
>> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/293b318e-7b39-46d5-b142-774f2a91dfd8%40grasehotspot.org
>> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/293b318e-7b39-46d5-b142-774f2a91dfd8%40grasehotspot.org?utm_medium=email&utm_source=footer>
>> .
>>
>
> --
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> ---
> You received this message because you are subscribed to the Google Groups
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to gr***e@grasehotspot.org.
> To post to this group, send email to gr***t@grasehotspot.org.
> Visit this group at
> https://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
> To view this discussion on the web visit
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/CAESLx0Ky4%2BAxESAZNf%3DLhKf%2BvTovLrsQ2wc3XRPvY4Y3psiE0A%40mail.gmail.com
> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/CAESLx0Ky4%2BAxESAZNf%3DLhKf%2BvTovLrsQ2wc3XRPvY4Y3psiE0A%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>

Thread