https PR_END_OF_FILE_ERROR

[ambipur76]

Current UI and client versions:

Application version: AirDC++w 2.7.0 i686
Web UI version: 2.7.0

Browser: Mozilla Firefox 75.0.

Operating system:

Debian 10 x86, kernel: 4.19.0-8-686-pae #1 SMP Debian 4.19.98-1 (2020-01-26) i686 GNU/Linux

Steps to reproduce the issue:

I am trying in Firefox the address https://192.168.1.1:5601
With the default certificates located at /etc/airdcpp/Certificates/client.crt and client.key there is no problem.

With my current letsencrypt certificates which I am successfully using with my web server lighttpd I get an error in Firefox: Secure Connection Failed An error occurred during a connection to 192.168.1.1:5601. PR_END_OF_FILE_ERROR
I have copied the letsencrypt certificates in the directory mentioned above and configured AirDC++ to point to these certificates.

I have also tried with self signed certificates generated with the following command:
openssl req -x509 -newkey rsa:2048 -keyout 2048.key -out 2048.crt -days 365
and
openssl req -x509 -newkey rsa:4096 -keyout 4096.key -out 4096.crt -days 365
I am getting the same error message with both self signed pair of certificates (2048 bit ones and 4096 bits also).

Am I doing something wrong? Do you have any idea?

[maksis]

I'm not sure if it's possible to get it working. I'd recommend adding a proxy server that will handle HTTPS (see https://airdcpp-web.github.io/docs/advanced/nginx-setup.html).

[ambipur76]

The question is than that is the https functionality in AirDC++ Web Client in the present form a useful feature? I mean that if it only works with the default self signed certificates, than the developers could consider to remove this from the code to spare some resources.
However I succeeded to configure haproxy to work as a proxy server for AirDC++ Web Client after restricting the web UI accessibility to the localhost only.
Are you interested to include that information in the manual to AirDC++, near the information about the nginx proxy configuration?

[maksis]

The question is than that is the https functionality in AirDC++ Web Client in the present form a useful feature? I mean that if it only works with the default self signed certificates, than the developers could consider to remove this from the code to spare some resources.

I believe that you need to use a .pem certificate file. I managed to make it work when generating the certificate with these steps: https://serverfault.com/questions/889581/how-to-generate-a-pem-certificate-in-an-easy-way-for-testing

I'll add a clarification on the settings page and a link to proxy config examples in the next version.

However I succeeded to configure haproxy to work as a proxy server for AirDC++ Web Client after restricting the web UI accessibility to the localhost only.
Are you interested to include that information in the manual to AirDC++, near the information about the nginx proxy configuration?

I've now moved the example proxy configurations to https://github.com/airdcpp-web/airdcpp-webclient/wiki so that it's easier for other people to edit them or post new configurations. You should be able to edit the wiki and add your configuration example there.

[maksis]

Now when I tested it, the application seems to work just fine even with letsencrypt certificates. I just copied the certificates from /etc/letsencrypt/live/mydomain (cert.pem and privkey.pem), configured them in the app and it worked right away. Just make sure that the file permissions are set correctly for the certificates (the application is able to read them).