Jump to content

Open The Web interface in a https

J Julio F Leite - Cajoni - P e Q Comercial Ltda.

By J Julio F Leite - Cajoni - P e Q Comercial Ltda.
in DVBViewer Media Server

Recommended Posts

J Julio F Leite - Cajoni - P e Q Comercial Ltda. Newbie

J Julio F Leite - Cajoni - P e Q Comercial Ltda.

Posted
Posted

It seems that I did everything right, but i can't open the web interface of mine as secure one, i mean, as a https one. How can I do that?

HaraldL Proficient

HaraldL

Posted
Posted

Didn't do this lately so I hope I don't miss anything:

 

1. In DMS config go to Web/UPnP -> HTTPS, check the names and if needed add all forms of local addresses and IPs that you use to access the DMS website (i.e. "pc5" and "pc5.mydomain" etc.), then create a certificate by the button on this page

2. In DMS config go to Web/UPnp and set a port for HTTPS, usually 8088 by default

3. restart DMS (should not be needed but just to be sure)

Now the DMS webpage should be reachable by https with the new port (i.e. https: //pc5:8088) but may show an error that the cert is not valid or cannot be verified. Some browsers may refuse completely.

 

4. as written on the HTTPS config page copy "cacert.pem" and "InstallRootCertificate.bat" from cert folder of the DMS (there is a button for it on the page) to all client pcs that should access the DMS and execute the .bat by right mouse click "as administrator". For Firefox browser this does not work, here you have to go to cert settings in Firefox and import the .pem file as new root certificate. The two files can be deleted from clients afterwards.

 

After this step the client accepts the DMS cert as valid and instead of a warning shows a green sign in the address bar.

 

Warning: HTTPS secures the website only. If you forward the stream ports of the DMS those are not secured, you should not offer those by port forwarding on the internet!

 

When it works you should save the cacert.pem and cakey.pem of your install to a secure place. If you reinstall DMS and copy back those two files in the cert folder before you generate a new DMS cert previous clients accept it directly and you don't have to distribute the cert again to the clients. If you start from fresh you must delete the old cert from all clients and install the new one. And if you use more than one DMS you should copy the both ca*.pem files from first DMS to the other before you create a DMS cert. So all DMS server certs created with the same ca*.pem will be accepted by the same single cert on the clients.

 

J Julio F Leite - Cajoni - P e Q Comercial Ltda. Newbie

J Julio F Leite - Cajoni - P e Q Comercial Ltda.

Posted
  • Author
Posted
4 hours ago, HaraldL said:

Didn't do this lately so I hope I don't miss anything:

 

1. In DMS config go to Web/UPnP -> HTTPS, check the names and if needed add all forms of local addresses and IPs that you use to access the DMS website (i.e. "pc5" and "pc5.mydomain" etc.), then create a certificate by the button on this page

2. In DMS config go to Web/UPnp and set a port for HTTPS, usually 8088 by default

3. restart DMS (should not be needed but just to be sure)

Now the DMS webpage should be reachable by https with the new port (i.e. https: //pc5:8088) but may show an error that the cert is not valid or cannot be verified. Some browsers may refuse completely.

 

4. as written on the HTTPS config page copy "cacert.pem" and "InstallRootCertificate.bat" from cert folder of the DMS (there is a button for it on the page) to all client pcs that should access the DMS and execute the .bat by right mouse click "as administrator". For Firefox browser this does not work, here you have to go to cert settings in Firefox and import the .pem file as new root certificate. The two files can be deleted from clients afterwards.

 

After this step the client accepts the DMS cert as valid and instead of a warning shows a green sign in the address bar.

 

Warning: HTTPS secures the website only. If you forward the stream ports of the DMS those are not secured, you should not offer those by port forwarding on the internet!

 

When it works you should save the cacert.pem and cakey.pem of your install to a secure place. If you reinstall DMS and copy back those two files in the cert folder before you generate a new DMS cert previous clients accept it directly and you don't have to distribute the cert again to the clients. If you start from fresh you must delete the old cert from all clients and install the new one. And if you use more than one DMS you should copy the both ca*.pem files from first DMS to the other before you create a DMS cert. So all DMS server certs created with the same ca*.pem will be accepted by the same single cert on the clients.

 

It worked now, thanks.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...