Flic Home

    Community

    • Login
    • Search
    • Popular
    • Users

    Question re Validate Certificate(s) option in Internet Request

    Flic Hub
    2
    6
    389
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • willliam
      willliam last edited by

      For about a few weeks or I should say after my Flic LR Hub is updated to v4.3.5 the Validate Certificate(s) option under Internet Request no longer recongize certificates that issued by Let's Encrypt. I can confirm the certificates that I generated are all valid and yet expired.

      Toggling off the validate certificate(s) option off and all webhook back in business in a second.

      Emil 1 Reply Last reply Reply Quote 0
      • Emil
        Emil FlicTeam @willliam last edited by

        @willliam The Flic Hub can generally connect to servers that use Let's Encrypt certificates so there must be some other error.

        The Wireshark tool cannot be run from within a web browser. You must download the software and run it. I'd appreciate if you could try this. After starting the program, you select "Capture" on your wifi or ethernet interface. Then it starts to log packets. At this time, either run the curl command as instructed in my previous post. Or, if your TLS server runs on the same computer as the one running Wireshark, please try to access the https server using the Flic Hub. Then stop the capture, save, and send me/upload the capture file.

        1 Reply Last reply Reply Quote 0
        • willliam
          willliam @Emil last edited by

          @Emil I am currently using pfsense and acme plug-in for let's encrypt certificate generation, for you i believe you can try - https://letsencrypt.org/docs/ and see which option suit you the best to do the same.

          for some reasons i can't run wireshark from my browser but what i can assure you is that regardless from browser, api tool, and other of my internal services that uses the same have no problem at all.

          for now i am happy to leave the validation option off but just feel like it is better to report back here so you guys can have a look at it.

          Emil 1 Reply Last reply Reply Quote 0
          • Emil
            Emil FlicTeam @willliam last edited by Emil

            @willliam Can you instruct me how I can myself generate such certificates in order to be able to reproduce the problem?

            Alternatively run curl --tls-max 1.2 https://YOUR_URL in the terminal while capturing the traffic using Wireshark and upload the trace file.

            willliam 1 Reply Last reply Reply Quote 0
            • willliam
              willliam @Emil last edited by

              @Emil Hi Emil. They are all internal url with valid ssl certificates that issued by Let's Encrypt.

              Emil 1 Reply Last reply Reply Quote 0
              • Emil
                Emil FlicTeam @willliam last edited by

                @willliam Can you give me a domain name/url to test with?

                willliam 1 Reply Last reply Reply Quote 0
                • First post
                  Last post