Community
OpenEnergyMonitor

OpenEnergyMonitor Community

Connection Failed with iOS App and SSL

Tags: #<Tag:0x00007fc9c4430310>

Hi,

I’m a new emoncms user and really liking it.

When trying to connect the iOS app to my locally hosted instance I get the error message Error: The connection failed. Please try again, either when adding the connection details manually or via the QR code. This is with both v1.1 and the previous version; emoncms is at v9.9.5

emoncms is set up with my own certificate authority and DNS server and works through safari using these (so I can access it via https://emoncms.home.<mydomain>.co.uk)

A wireshark trace on the server shows the initial SSL handshake, but then nothing.

Hopefully I’m just doing something daft!

Thanks,
David

I think @mattjgalloway’s yer man for this, hopefully he will see this and have some wise words to share.

Ah interesting and sorry this isn’t working properly.

Is it a self signed certificate? If so, does your iPhone have the root certificate (or the main certificate) installed and authorised? If it’s not a known certificate then Apple’s APIs will fail when trying to connect. It’s a slightly annoying limitation for apps like this, that Apple require proper HTTPS with a known certificate.

If it’s a letsencrypt or certificate using another known root CA then I am unsure why it’s doing this, but I can try to help!

Yes in the sense that I’m both the requester and signer of the certificate, but by generating a CSR and signing that with my private CA.

I’ve installed the root certificate which all looks like it’s working and can access emoncms through safari using SSL with no warnings:

This is the exact error message:

Cheers,
Dave

Ah interesting. That’s very odd. It should be working if you’ve trusted it there, and Safari is working. Just to be sure - you are 100% using the same domain when trying in Safari and in emoncms iOS app right? I’m sure you are but just want to check as you’ve (rightly so) blurred them out in the screenshots.

I’ll try to whip up a self signed certificate myself soon and test it out.

Is there a reason you’re not using letsencrypt to get free, trusted, SSL certificates? I’m using that and it works fine for me. Just a suggestion while I figure out the self signed malarkey.

No problem - always good to double check!
Yes, both URLs are the same:

https://emoncms.home.<mydomain>.co.uk

I had changed the apache configuration from the default install of

https://emoncms.home.<mydomain>.co.uk/emoncms/

…but did try changing that back in case anything was expecting the /emoncms suffix somewhere.

So purely because Let’s Encrypt didn’t exist when I originally set up the network and nothing is publicly accessible. I do need to have a dabble with Let’s Encrypt though, so maybe this is a good excuse :slight_smile: .

Originally I was just going to use HTTP but when when that didn’t work, I saw your post over in the other thread (Error: The connection failed, please try again) about Apple requiring SSL and thought “I’ve already got that all set up!”.

Thanks for your help - it’s very much appreciated.

@dave1 - ah OK cool. Yeh it’s very strange. I’m surprised it’s not working! I only use Apple’s standard networking stack in the app, which is presumably what Safari is using, and from what you’ve shown, you’ve told iOS as a whole to trust the certificate. So it’s very odd! I will still try to reproduce the problem with my own self-signed certificate, and then I’ll be able to debug properly. I’ve been looking into how I can also provide an option to make the app accept untrusted certificates, optionally. As that might be a nice way to handle these kinds of cases.