https-Authentication fails when upgrading 2.7.2 -> 2.8.0

Question

https-Authentication fails when upgrading 2.7.2 -> 2.8.0

JayVee2 opened this issue 4 months ago · 7 comments

No authentication problems with https on 2.7.2.
With 2.8.0 browser reports, that security cannot be negotiated.

Downgraded to 2.7.2 -> OK.
Any ideas?

Answer 1 · 2024-05-29T07:51:32.000Z

Is it a public url or just a local one? If public, you likely need the iobroker.acme adapter now for handling certificates system wide.

Answer 2 · 2024-05-29T07:57:08.000Z

Is it a public url or just a local one? If public, you likely need the iobroker.acme adapter now for handling certificates system wide.

Local: 192.168.188.43:8087
to be used from Mediola (or others). VPN only, no public exposure.

Answer 3 · 2024-05-29T08:00:33.000Z

can you show the raw of the instance object of simple-api please

Answer 4 · 2024-05-29T08:20:22.000Z

can you show the raw of the instance object of simple-api please

{
"_id": "system.adapter.simple-api.0",
"type": "instance",
"common": {
"name": "simple-api",
"version": "2.7.2",
"title": "simpleAPI Adapter",
"desc": {
"en": "This adapter allows to read and write ioBroker objects and state with web RESTful API",
"de": "Dieser Adapter ermöglicht das Lesen und Schreiben von ioBroker-Objekten und den Status mit der Web-RESTful-API",
"ru": "Этот адаптер позволяет читать и записывать объекты и состояния ioBroker с помощью веб-RESTful API",
"pt": "Esse adaptador permite ler e gravar objetos ioBroker e declarar com a API RESTful da web",
"nl": "Deze adapter maakt het mogelijk om ioBroker-objecten te lezen en te schrijven en aan te geven met de web RESTful API",
"fr": "Cet adaptateur permet de lire et d'écrire des objets et des états ioBroker avec l'API Web RESTful",
"it": "Questo adattatore consente di leggere e scrivere oggetti e stato di ioBroker con l'API RESTful web",
"es": "Este adaptador permite leer y escribir objetos y estados ioBroker con API RESTful web",
"pl": "Ten adapter umożliwia odczyt i zapis obiektów ioBroker oraz ich stan za pomocą web RESTful API",
"zh-cn": "该适配器允许使用Web RESTful API读写ioBroker对象和状态"
},
"authors": [
"bluefox dogafox@gmail.com",
"Apollon77 ingo@fischer-ka.de",
"Marco.K marco@kaminski-net.de"
],
"license": "MIT",
"platform": "Javascript/Node.js",
"mode": "daemon",
"loglevel": "info",
"icon": "simple-api.png",
"webExtension": "lib/simpleapi.js",
"readme": "https://github.com/ioBroker/ioBroker.simple-api/blob/master/README.md",
"keywords": [
"web",
"simpleAPI",
"RESTful",
"communication"
],
"enabled": true,
"compact": true,
"extIcon": "https://raw.githubusercontent.com/ioBroker/ioBroker.simple-api/master/admin/simple-api.png",
"type": "communication",
"stopBeforeUpdate": true,
"localLink": "%protocol%://%ip%:%port%/get/system.adapter.simple-api.%instance%.uptime?prettyPrint",
"installedVersion": "2.7.2",
"host": "PI3",
"materialize": true,
"dependencies": [
{
"js-controller": ">=2.0.0"
}
],
"plugins": {
"sentry": {
"dsn": "https://1ad1b116fa644ec29e6f5d724b39f999@sentry.iobroker.net/12"
}
},
"installedFrom": "iobroker.simple-api@2.7.2",
"titleLang": {
"en": "Simple RESTful API",
"de": "Einfache RESTful API",
"ru": "Простой RESTful API",
"pt": "API RESTful simples",
"nl": "Eenvoudige RESTful API",
"fr": "API RESTful simple",
"it": "API RESTful semplice",
"es": "API RESTful simple",
"pl": "Prosty interfejs API RESTful",
"zh-cn": "简单的RESTful API"
},
"connectionType": "none",
"dataSource": "none",
"tier": 3,
"adminUI": {
"config": "json"
},
"licenseInformation": {
"type": "free",
"license": "MIT"
}
},
"native": {
"port": "8087",
"auth": true,
"secure": true,
"bind": "192.168.188.43",
"certPublic": "jvPublic",
"certPrivate": "jvPrivate",
"certChained": "",
"defaultUser": "admin",
"onlyAllowWhenUserIsOwner": false,
"webInstance": "",
"leEnabled": false,
"leUpdate": false,
"leCheckPort": 80,
"dataSource": "",
"allDatapoints": false,
"lePort": "80"
},
"acl": {
"object": 1636,
"owner": "system.user.admin",
"ownerGroup": "system.group.administrator"
},
"protectedNative": [],
"encryptedNative": [],
"instanceObjects": [],
"objects": [],
"notifications": [],
"from": "system.host.PI3.cli",
"user": "system.user.admin",
"ts": 1716922160458
}

Answer 5 · 2024-06-12T13:44:54.000Z

Gibt es noch eine Idee, was man man machen kann?

Answer 6 · 2024-09-10T06:06:28.000Z

Was genau ist die Anwendung? Ich hatte das gleichen Problem mit meiner Doorbird: Der TLS Handshake scheiterte bereits nach dem "client hello" aufgrund des application layer protocols. Die doorbird hat im client hello (im Gegensatz zu anderen clients) als einziges application layer protocol http/1.0 angeboten, alle anderen clients http/1.1.

Answer 7 · 2024-09-10T11:50:54.000Z

Problem tritt inzwischen nicht mehr auf. Die letzte Version funktioniert. Ich habe keine Erklärung.