Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[QUESTION] How to ignore certificate for status check #181

Closed
Lissy93 opened this issue Aug 26, 2021 · 17 comments
Closed

[QUESTION] How to ignore certificate for status check #181

Lissy93 opened this issue Aug 26, 2021 · 17 comments
Labels
🤷‍♂️ Question [ISSUE] Further information is requested

Comments

@Lissy93
Copy link
Owner

Lissy93 commented Aug 26, 2021

Hello,
I apologize but I am not comfortable with this.
How do I make the ping ignore the signing of the https certificate? (UNABLE_TO_VERIFY_LEAF_SIGNATURE)

Thx

Originally posted by @EVOTk in #35 (comment)

@Lissy93 Lissy93 added the 🤷‍♂️ Question [ISSUE] Further information is requested label Aug 26, 2021
@Lissy93
Copy link
Owner Author

Lissy93 commented Aug 26, 2021

Heya @EVOTk :)
I've moved this to a new issue.
So are you running Dashy via HTTPS, and trying to check the status of a non-HTTPS service? Or the otherway around?

If it's the case that the service you are accessing has an unsigned certificate, then you can ignore this by setting rejectUnauthorized: false in the headers. You can set status check headers with statusCheckHeaders. But this isn't great for security, so I would only do this if it is a local service within your LAN.
Hope that helps :)

@EVOTk
Copy link
Contributor

EVOTk commented Aug 26, 2021

Hello !
thank you for your responsiveness, again!

I use Dashy locally, through a VPN.
The service I am trying to check the status is HTTPS with a self-signed certificate (Proxmox)

2021-08-26 17_27_02-Window

  - name: "Serveur"
    items:
      - title: "Proxmox"
        description: ""
        icon: "proxmox.png"
        url: "https://192.168.2.40:8006"
        statusCheck: true

This gives the same result:

  - name: "Serveur"
    items:
      - title: "Proxmox"
        description: ""
        icon: "proxmox.png"
        url: "https://192.168.2.40:8006"
        statusCheck: true
        statusCheckHeaders: {rejectUnauthorized: false}

@Lissy93
Copy link
Owner Author

Lissy93 commented Aug 26, 2021

Hmm okay, so maybe this is something that I have to do in the code. I could add in an optional attribute, that is off by default, so that users can disable SSL rejection for an individual service (if they are slef-hosting). I'll look into this tonight when I get home from work and hopefully get something working :)

I also notice that the error text in the tooltip is overflowing, I'll fix that at the same time :)

@EVOTk
Copy link
Contributor

EVOTk commented Aug 26, 2021

Thank you so much ! Can't wait to try this :)

@EVOTk
Copy link
Contributor

EVOTk commented Aug 26, 2021

Thanks thanks thanks !

@Lissy93
Copy link
Owner Author

Lissy93 commented Aug 27, 2021

No problem :)
I'll get it merged tomorrow evening, when I get home from work, and let you know when it's done. Hopefully it'll work for you 🤞

@EVOTk
Copy link
Contributor

EVOTk commented Aug 27, 2021

Hello,
branch "FEATURE/ssl-status-check-options" works fine for me.
2021-08-27 02_36_58-EVOServ - Dashy

I am in a hurry for this to be merged :D :D

Take your time, don't do anything in a rush;)

Thanks again ! Good night !

@Lissy93
Copy link
Owner Author

Lissy93 commented Aug 27, 2021

Sorry it took me a while to merge, I wanted to test it properly and fix the tooltip styles at the same time.
But it's merged now, enjoy :)

@EVOTk
Copy link
Contributor

EVOTk commented Aug 27, 2021

Thank you very much, I will immediately pull the latest version in order to update my "Dashy" and take advantage of this :)

@EVOTk
Copy link
Contributor

EVOTk commented Aug 27, 2021

Hello @dtctek
I think this issue will be useful for you :)

https://github.com/Lissy93/dashy/blob/master/docs/showcase.md#ground-control

@Lissy93 Lissy93 pinned this issue Sep 28, 2021
@Lissy93 Lissy93 unpinned this issue Dec 22, 2021
@cyrus104
Copy link

I know this issue is closed but I have something very similar. I am using OPNsense for my router and it has a self signed certificate, works on the newtab page load but the service check fails with this message. I checked the other issues (open and closed) but couldn't find another issue with this error.

DEPTH_ZERO_SELF_SIGNED_CERT

@Borlean
Copy link

Borlean commented May 26, 2022

@cyrus104, I'm having the same issue. Did you figure it out?

Repository owner deleted a comment from liss-bot May 26, 2022
@Lissy93
Copy link
Owner Author

Lissy93 commented May 26, 2022

I'm guessing you've tried this, but did setting statusCheckAllowInsecure: true on the failing link help at all?

@cyrus104
Copy link

cyrus104 commented Jun 2, 2022

@Borlean and @Lissy93, that did work. I previously I used the option built into the graphical editor and it didn't work but when I did a copy and paste of this it into the config, worked as expected.

@Borlean
Copy link

Borlean commented Jun 7, 2022

Yes and no.

It's a self signed cert for tower.local and using https://tower.local in the config results in the above issue.
If i use https://[IP ADDRESS] then the error goes away. This is what I'm using now as the status light works, but i would prefer to use tower.local that is in the cert.

edit: used 'code' for links.

@Lissy93
Copy link
Owner Author

Lissy93 commented Jun 8, 2022

There's some more things you can try here

@Borlean
Copy link

Borlean commented Jun 9, 2022

I was able to use the statusCheckUrl to make it work. Checks the IP address but the url link sends me to tower.local. Perfect. Thanks for the help!

asterling8516 pushed a commit to asterling8516/dashy that referenced this issue Nov 23, 2023
Closes Lissy93#181

Signed-off-by: Bjorn Lammers <walkxnl@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🤷‍♂️ Question [ISSUE] Further information is requested
Projects
None yet
Development

No branches or pull requests

4 participants