2016-03-30 - Re: [GRASE-Hotspot] Can portal be secure? https

Header Data

From: Timothy White <ti***8@gmail.com>
Message Hash: e3f4e49877a64e62edc535411e5df31589f82d707a7c6fad0b9b26be384a3fab
Message ID: <CAESLx0Ky4+AxESAZNf=LhKf+vTovLrsQ2wc3XRPvY4Y3psiE0A@mail.gmail.com>
Reply To: <293b318e-7b39-46d5-b142-774f2a91dfd8@grasehotspot.org>
UTC Datetime: 2016-03-30 13:25:00 UTC
Raw Date: Thu, 31 Mar 2016 06:25:00 +1000

Raw message

Thats great news Sebastian!

Can you do a short writeup on the Wiki for that?
https://github.com/GraseHotspot/grase-www-portal/wiki

Regards

Tim

On Thu, Mar 31, 2016 at 12:18 AM, Sebastian Schneider <
se***r@gmail.com> wrote:

> Hi Tim,
> thanks for that idea. It was obvious but I didn't think about it.
> The problem was mixed content, so http traffic in a https session.
> jqchilli.js call:
> var urlRoot = 'http://' + chilliController.host + ':' + chilliController.
> port + '/json/'; // TODO make this dynamic
> in line 38.
> In line 22 and 23 I changed to host var to my DNS Hostname (fitting to the
> cert) and changed to port to 4990.
> In my /etc/chilli/config I added:
> HS_UAMUISSL=on
> HS_REDIRSSL=on
> HS_SSLKEYFILE= /path/to/private_key
> HS_SSLCERTFILE=/path/to/cert
>
> The hosts file of the Controller resolves the CN Name of the cert to
> 10.1.0.1
>
> Now I have SSL enabled, without any errors.
>
> Regards
>
> Se
>
> Am Dienstag, 29. März 2016 13:05:34 UTC+2 schrieb timwhite88:
>>
>> Hi Sebastian
>>
>> Off the top of my head, I'm not sure what the problem is. Try using the
>> browser developer tools to see any error messages you can see.
>>
>> Feel free to open an issue for it and when I get a chance I'll have a
>> poke as well.
>>
>> Regards
>>
>> Tim
>>
>> On Tue, Mar 29, 2016 at 8:26 PM, Sebastian Schneider <se***.@gmail.com
>> > wrote:
>>
>>> Hi Karotu, hi Tim,
>>>
>>> with the risk of annoying everyone, I tried to enable SSL yesterday, as
>>> I did before with coova. The CHAP mechanism FAILS when SSL is enabled. In
>>> any case, that shouldn't be the normal, right?
>>> I do have a valid CA signed Certificate (startssl, soon letsencrypt) and
>>> my grasehotspot is resolving my address via a local hosts entry. So
>>> internally(connected via hotspot) it's resolving to my controller,
>>> public(not connected via my controller) it's resolving to my website.
>>>
>>> So apache and everything is running fine, no warnings, no nothing. But I
>>> have to use the "non-secure" variant of the captive portal (non JS version,
>>> non CHAP version) to login successfully, when using HTTPS.
>>> I had a look in the ChilliLibrary.js but without any luck.
>>>
>>> Any ideas from your side?
>>>
>>> Best
>>>
>>> Sebastian
>>>
>>>
>>>
>>> Am Sonntag, 9. März 2014 21:43:34 UTC+1 schrieb karotu:
>>>>
>>>> Hi,
>>>>
>>>> Is it possible to make login secure with https?
>>>>
>>>> Thanks.
>>>>
>>>> Karotu
>>>>
>>>> --
>>>> ----------------------------------
>>>> Karotu Tannang
>>>> Nauoi IT Services
>>>> Behind BOK, Betio / PO Box 46, Bairiki
>>>> Tarawa, KIRIBATI
>>>> Mobile: +686 94038
>>>> Like Us on Facebook: http://www.facebook.com/nauoionline
>>>>
>>>>
>>>> --
>>> This mailing list is for the Grase Hotspot Project
>>> http://grasehotspot.org
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "Grase Hotspot" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to gr***.@grasehotspot.org.
>>> To post to this group, send email to gr***.@grasehotspot.org.
>>> Visit this group at
>>> https://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
>>> To view this discussion on the web visit
>>> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/73b262da-42ff-451f-b538-96550a7a706b%40grasehotspot.org
>>> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/73b262da-42ff-451f-b538-96550a7a706b%40grasehotspot.org?utm_medium=email&utm_source=footer>
>>> .
>>>
>>
>> --
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> ---
> You received this message because you are subscribed to the Google Groups
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to gr***e@grasehotspot.org.
> To post to this group, send email to gr***t@grasehotspot.org.
> Visit this group at
> https://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
> To view this discussion on the web visit
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/293b318e-7b39-46d5-b142-774f2a91dfd8%40grasehotspot.org
> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/293b318e-7b39-46d5-b142-774f2a91dfd8%40grasehotspot.org?utm_medium=email&utm_source=footer>
> .
>

Thread

• Return to March 2014
• Return to March 2016
• Return to April 2016

• Return to January 2023

• Return to “Deepak Kaushik <de***3@gmail.com>”
• Return to “Drazen <dr***a@radez.hr>”
• Return to “Henry Terkura Swende <he***e@gmail.com>”
• Return to “Jed Gainer <je***r@gmail.com>”
• Return to “Karotu Tannang <ka***u@nauoi.com.ki>”
• Return to “Sebastian Schneider <se***r@gmail.com>”
• Return to “Johnny Solbu <so***u@solbu.net>”

• Return to “Timothy White <ti***8@gmail.com>”

• 2014-03-09 (Mon, 10 Mar 2014 08:43:34 +1200) - [GRASE-Hotspot] Can portal be secure? https - Karotu Tannang <ka***u@nauoi.com.ki>
  • 2014-03-09 (Sun, 09 Mar 2014 18:17:15 -0700) - Re: [GRASE-Hotspot] Can portal be secure? https - Jed Gainer <je***r@gmail.com>
    • 2014-03-09 (Mon, 10 Mar 2014 15:50:00 +1000) - Re: [GRASE-Hotspot] Can portal be secure? https - Timothy White <ti***8@gmail.com>
    • 2014-03-09 (Mon, 10 Mar 2014 07:00:37 +0100) - Re: [GRASE-Hotspot] Can portal be secure? https - Drazen <dr***a@radez.hr>
    • 2014-03-10 (Tue, 11 Mar 2014 08:32:19 +1200) - Re: [GRASE-Hotspot] Can portal be secure? https - Karotu Tannang <ka***u@nauoi.com.ki>
      • 2014-03-10 (Tue, 11 Mar 2014 06:50:54 +1000) - Re: [GRASE-Hotspot] Can portal be secure? https - Timothy White <ti***8@gmail.com>
        • 2014-03-10 (Mon, 10 Mar 2014 23:32:07 +0100) - Re: [GRASE-Hotspot] Can portal be secure? https - Johnny Solbu <so***u@solbu.net>
          • 2014-03-10 (Tue, 11 Mar 2014 08:57:31 +1000) - Re: [GRASE-Hotspot] Can portal be secure? https - Timothy White <ti***8@gmail.com>
        • 2014-03-10 (Tue, 11 Mar 2014 11:49:18 +1200) - Re: [GRASE-Hotspot] Can portal be secure? https - Karotu Tannang <ka***u@nauoi.com.ki>
  • 2016-03-29 (Tue, 29 Mar 2016 03:26:41 -0700) - Re: [GRASE-Hotspot] Can portal be secure? https - Sebastian Schneider <se***r@gmail.com>
    • 2016-03-29 (Tue, 29 Mar 2016 21:05:32 +1000) - Re: [GRASE-Hotspot] Can portal be secure? https - Timothy White <ti***8@gmail.com>
      • 2016-03-30 (Wed, 30 Mar 2016 07:18:06 -0700) - Re: [GRASE-Hotspot] Can portal be secure? https - Sebastian Schneider <se***r@gmail.com>
        • 2016-03-30 (Thu, 31 Mar 2016 06:25:00 +1000) - Re: [GRASE-Hotspot] Can portal be secure? https - Timothy White <ti***8@gmail.com>
          • 2016-03-30 (Wed, 30 Mar 2016 21:51:01 +0100) - Re: [GRASE-Hotspot] Can portal be secure? https - Henry Terkura Swende <he***e@gmail.com>
            • 2016-04-01 (Fri, 01 Apr 2016 08:32:27 -0700) - Re: [GRASE-Hotspot] Can portal be secure? https - Sebastian Schneider <se***r@gmail.com>
              • 2016-04-01 (Fri, 01 Apr 2016 19:11:40 +0100) - Re: [GRASE-Hotspot] Can portal be secure? https - Henry Terkura Swende <he***e@gmail.com>
                • 2023-01-23 (Mon, 23 Jan 2023 01:25:42 -0800) - Re: [GRASE-Hotspot] Can portal be secure? https - Deepak Kaushik <de***3@gmail.com>