-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Advanced connection options for server connection #46
Comments
Hey, thank you for sharing this idea! This seems like a useful feature, especially with all the sensitive documents that may be stored in Paperless. I'm currently working on the document editing feature and improvements to the in-app scanner so I'm not able to work on this now. I'd be happy to accept a pull-request with this implemented. To promote usage of client certificates, it would be nice if this could be integrated into the Paperless-NG documentation for the default Docker setup. Could you open an issue there as well? |
Good afternoon. |
One thing we could try is using a native Android HTTP client instead of using dio. However, this has the disadvantage of making it harder to maintain compatibility with iOS and also means we have to rewrite a big part of the app. I would really prefer if this could be fixed in Flutter/Dart. |
I'm another user and admin for friends, running instances of Paperless ng. |
I spent a very long time trying to get the application to work with a self signed certificate.
Neither option worked. As I understand it, this is the specifics of "dart" and the "dio" used. I found a way out for myself. I'm using HTTP over a VPN tunnel. I do not know how safe it is, I would like to know the opinion of experts in this matter. |
Thanks for testing this so thoroughly. At least we know now that we didn't miss anything obvious! Your setup should be secure if you trust everyone in your VPN. However, I would still recommend using HTTPS. What's stopping you from using a certificate from a trusted CA? |
I was planning to use "paperless" only on the local network anyway, behind the VPN. It seems to me that VPN will be more reliable in comparison with public paperless + HTTPS |
Sure, you can just use DNS validation, then you don't need a public IP. Let's Encrypt and ZeroSSL both offer that for free.
Unlikely, but it will certainly be more secure! |
Is your feature request related to a problem? Please describe.
I have a paperless-ng server set up - and I wanted to make it a little more secure. I have it fronted by nginx and require a client certificate in order to get to the login page. This extra layer breaks the app as there is no way to specify this information.
Describe the solution you'd like
I'd like some kind of advanced connection button that would allow for specifying a client certificate or other options.
Describe alternatives you've considered
I can always turn off the client cert option in Nginx - but I'd like to use it at some point for extra peace of mind. I could fork the project and do things myself, but I am not familiar with android apps or the underlying programming language of this app.
The text was updated successfully, but these errors were encountered: