emoncms over https [Solved}

As IoT develops, and emoncms becomes a player in MQTT, the issue of security is becoming more important, so I've got a freebie SSL certificate (being a Yorkshireman!) from https://www.startssl.com/ and am enabling https for both servers.
Node-red has https options built in, so it was pretty easy to implement, and my apache server likewise.

However emoncms does not take kindly to https, and the only page which opens is the 'Account' landing page, all other menu items create a 404 error.

I see that a patch was implemented almost 3 years ago into index.php but there is no mention of it now (has it got lost in the revisions?

Has anyone had any success using emoncms over a secure connection?

 

Paul

sumnerboy's picture

Re: emoncms over https [Solved}

I haven't sorry Paul but I am interested in this, for the same reasons as you. Did you follow a guide for setting up your certificate on Apache? I have already obtained a certificate from startssl, like you, but am pretty lost as to how to configure my web server...

bond79's picture

Re: emoncms over https [Solved}

I have my local emoncms working in https with a self-signed SSL certificate on debian/apache2 and I haven't noticed any problems, with the website or posting new data. I haven't changed anything particular regarding the emoncms installation.

Paul Reed's picture

Re: emoncms over https [Solved}

bond79 - did you change to https before or after installing emoncms?
I suspect the the former.

Paul

bond79's picture

Re: emoncms over https [Solved}

Yes, I had https installed before and used the https url to setup emoncms.

Paul Reed's picture

Re: emoncms over https [Solved}

In that case, it's possibly URLs saved in MYSQL that is causing issues.
I'm aware that emoncms does use absolute URLs for certain functions instead of relative URLs, such as graphs, So maybe need to have a look around the MYSQL table and see if I can spot any URLs needing updating that would affect the config.

Ben - I'll post something about https setup when I get home this evening.

Paul

bond79's picture

Re: emoncms over https [Solved}

The absolute URL is indeed used in the dashboard settings in MySQL when referring to embedded graphs. I didn't find any other references. These of course should be changed to allow dashboard to function properly but I don't think it's the problem.

The 404 problems make me suspect that the https virtualhost of apache is not setup correctly to allow .htaccess rewrites. Https and http use seperate virtualhost entries and it must be configured seperately for the emoncms directory or the whole server.
 

 

Paul Reed's picture

Re: emoncms over https [Solved}

I've changed the default-ssl file from;

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>
<Directory /var/www>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
    allow from all
</Directory>

to

<Directory />
    Options FollowSymLinks
    AllowOverride All
</Directory>
<Directory /var/www>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
</Directory>

And now it works fine, and I can access all of the emoncms links over https. 

I just need to access phpmyadmin and change the dashboard column to 'https' instead of 'http' and try to find a way of getting rid of the Gravatar link from the 'account' page as the link is an insecure resource and affects the secure certification. Does anyone really use the gravatar feature anyway - I don't think it's even documented anywhere or mentioned in the forums...?

Paul

Paul Reed's picture

Re: emoncms over https [Solved}

For info, I've documented the whole process in this post - http://openenergymonitor.org/emon/node/5997

Paul

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.