Ir al contenido
Menú
Se marcó esta pregunta
2 Respuestas
6650 Vistas

hello,

I am using postbox (iotbox) in version 12 of the odoo community, I also use https but when I send print I get an error that says:

 Navigate to https://192.168.1.17 to accept the certificate of your IoT Box.

https connection to iot box failed, I understand that it is by the digital certificate, but how can I enable it in the iotbox.

Thanks a lot,

Avatar
Descartar
Mejor respuesta

@qle 's answer is not right. You CAN have a trusted certificate for a local ip but what I am gonna explain here is how to create a self signed certificate for your iot box so that you can import later on to your browser.

First log into your iot box and create a self signed certificate for nginx:

cat << 'EOT' > /etc/ssl/san.cnf
[req]default_bits = 2048
distinguished_name = req_distinguished_name
req_extensions = req_ext
x509_extensions = v3_req
prompt = no
[req_distinguished_name]
countryName = XX
stateOrProvinceName = N/A
localityName = N/A
organizationName = YourName
commonName = OdooIoTBoxCertificate
[req_ext]
subjectAltName = @alt_names
[v3_req]
subjectAltName = @alt_names
[alt_names]
IP.1 = YOUR_IOTBOX_IP
EOT

openssl req -x509 -nodes -days 365000 -newkey rsa:2048 -keyout key.pem -out cert.pem -config /etc/ssl/san.cnf
mv cert.pem /etc/ssl/certs/iot.crt
mv key.pem /etc/ssl/private/iot.key

Add those certs to the iotbox nginx proxy and when ready navigate to the iotbox homepage, then your browser will complain but you can then export the cert and add it to the trusted root certificate. You will be able then to naviagate to https://YOUR_IOT_IP and it will be secure, 


Avatar
Descartar

How can I prevent that the certificate gets deleted after every restart of the Odoo IOT box?
I also the SSH password resets on my IOT box after every restart.

the ssl is working, however after rebooting, the certificate got deleted

Make sure run below command before creating the certificate and changing the nginx config. This will preventing the certificate got deleted after reboot.

sudo mount -o remount,rw /
sudo mount -o remount,rw /root_bypass_ramdisks/
sudo chroot /root_bypass_ramdisks/

Mejor respuesta

Hello,

You can't just 'enable' it.

A certificate is linked to a domain. So you can't have a trusted certificate to a local ip address...

You must have a dns to resolve a subdomain to your local ip address

Avatar
Descartar