-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Default calendar with https and self signed certificates #466
Comments
Since this is an edge case, I will probably won't change this in the near future. Feel free to send a well documented pull request. |
Hi @kodejak You can't push code directly to this repo, without having developer privileges. Just fork the repo and make your changes and then submit a pull request:-) |
Accepting self-signed certificates blindly poses a security risk. It would be like not using HTTPS at all and any data transmitted over the connection can be manipulated or intercepted. I would suggest you to try and get a proper certificate. Have a look at Let's Encrypt for a free certificate that is properly signed and authenticated. If MichMich thinks the way forward for MagicMirror would be to allow self-signed certificates, I would opt to have the list of accepted certificates to be configurable and absolutely not blindly accepting any self-signed certificates! |
Since I don't think anyone will work on this, I close this issue for now. Feel free to reopen. |
Many people use Own-/Nextcloud together witht he https protocol. This is supposed to make self-signed certificates work with the calendar module and fix the issue MagicMirrorOrg#466.
Added the fix for MagicMirrorOrg#466 under ### Fixed
@kodejak : could you please provide the rest of the source code, then I can change the code and add a pull request. |
I hope the PR will include more than just the current code change. This one, as stated before, makes MagicMirror accept any certificate and thus effectively disables any https security. Please at least make this a configurable option instead of default behavior. In the last couple of years software and browser companies have been trying to work on a safer web, also based on https. Let's try and keep all software as safe as possible and not just blindly accept any certificates without warning. |
Although testing was successfull, with the new release 2.15.0 of MagicMirror, even with the "selfSignedCert" Switch set in the config.js I now get the error "UNABLE_TO_VERIFY_LEAF_SIGNATURE". It seems that setting the User Agent Option "rejectUnauthorized: false" doesn't work. Maybe it has something to do with the new change in this version "Removed ical which was substituted by node-ical in release v2.13.0. Module developers must install this dependency themselves in the module folder if needed." ? It is quite hard to debug, can anyone help and support to find the error? Furthermore I would like to add this parameter to the documentation of the calendar module: What do I need to do in order to add the parameter? |
I have no setup to test this. In
You can add another line and test if this works
By the way these options are disabling (more or less) ssl, so I don't see any advantage in using that over http. |
Added: Fix fetch option httpsAgent to agent (MagicMirrorOrg#466)
It seems that the above mentioned code wasnt the problem. There was a wrong option "httpsAgent" used in the fetch instead of the correct option "agent". |
* update README.md * fix broken start scripts & yarn * add *.env to .gitignore * yarn * use yarn * install valid-url * add custom variables * add original main.css bak * add color variables * base line-height on scale * base font sizes on rem and var(--base) * use variables for fonts * add custom.css.sample * adjust new opacities * update CHANGELOG.md * run prettier * add original main.css bak * Update .gitignore * delete useless file * revert 'dimming' method * change --base to --font-size * update sample css * Fix alerts Fixes MagicMirrorOrg#2522 * Prettifier * Update dependencies and lock files * Undo README changes * Update custom.css.sample * Undo script changes, Update CHANGELOG * Fixing fetch option httpsAgent to agent in calendar module (MagicMirrorOrg#466) Co-authored-by: earlman <earl.mangulabnan@gmail.com> Co-authored-by: Ezequiel Holzweissig <hello@ezeholz.com.ar> Co-authored-by: Ezequiel Holzweissig <ezequielgh1999@gmail.com> Co-authored-by: Michael Teeuw <michael@xonaymedia.nl> Co-authored-by: veeck <veeck@neofonie.de> Co-authored-by: config <rubbishstuff@gmx.net>
I still get this error. So where do I have to change "httpsAgent" to "agent"? |
Hello,
I'm new to MagicMirror and tried to get my calendar of a self hosted owncloud / nextcloud instance with self signed certificate.
It doesn't work out-of-the-box. So I decided to test this.
I had to change three files to get this work. Additional to pass a new calendar config entry from
calendars: []
to the call chain (parameters), I had to edit the file "calendarfetcher.js":After line 28++:
I added:
This work as well. But I don't know any side effects of this!
Please make self signed certs to work with calendar app.
And forgive this submitting style, because I have no idea how to push code without cloning your repo to my account. I'm very new to git :)
The text was updated successfully, but these errors were encountered: