Trying to run termpair on LAN with SSL #71

Closed
OOOlledj opened this issue Aug 1, 2021 · 2 comments

OOOlledj commented Aug 1, 2021

Describe the bug
Trying to launch termpair on LAN (192.168.31.234 on my domestic network), not localhost (127.0.0.1), finishes with a message in the browser that I cannot use a non-secure connection:

termpair serve -p 8000 --host 192.168.31.234

and on sharing window:

termpair share -p 8000 --host 192.168.31.234

When I open the browser with the link (which is HTTP) that I get from the sharing terminal, I see the following message:

image

I decided to run it on LAN with the --keyfile and --certificate options to make a secure connection (it is going to set up "HTTPS", right?). So I created an SSL certificate with the openssl library. The key and certificate are located in the /etc/httpd/httpscertificate/ folder. But when I try the command:

termpair serve -p 8000 --host 192.168.31.234 --certfile /etc/httpd/httpscertificate/192.168.31.234.crt --keyfile /etc/httpd/httpscertificate/192.168.31.234.key

I receive an error:

TermPair encountered an error. If you think this is a bug, it can be reported at https://github.com/cs01/termpair/issues

Traceback (most recent call last):
  File "/home/ooolledj/.local/lib/python3.8/site-packages/termpair/main.py", line 140, in main
    run_command(args)
  File "/home/ooolledj/.local/lib/python3.8/site-packages/termpair/main.py", line 124, in run_command
    uvicorn.run(
  File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/main.py", line 393, in run
    server.run()
  File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/server.py", line 50, in run
    loop.run_until_complete(self.serve(sockets=sockets))
  File "uvloop/loop.pyx", line 1494, in uvloop.loop.Loop.run_until_complete
  File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/server.py", line 57, in serve
    config.load()
  File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/config.py", line 284, in load
    self.ssl = create_ssl_context(
  File "/home/ooolledj/.local/lib/python3.8/site-packages/uvicorn/config.py", line 115, in create_ssl_context
    ctx.load_cert_chain(certfile, keyfile, get_password)
PermissionError: [Errno 13] Permission denied

The sudo command does not help with it:

sudo: termpair: command not found

I created RSA key and SSL certificate with this guide:
https://www.rosehosting.com/blog/how-to-generate-a-self-signed-ssl-certificate-on-linux/
Then I just set the path to the files with the --keyfile and --certfile options in termpair serve.

Expected behavior
It should accept my .key and .crt files and run termpair on the LAN IP address, with which I can use termpair share, for example on my mobile phone, and see and type commands.

I FOUND THE SOLUTION. UPDATE:
I thought it happened because I cannot input the certificate password and it does not let me use it. In fact, while writing the report, I tried to change access to the .key file:

sudo chmod a+r /etc/httpd/httpscertificate/192.168.31.234.key

After that, all my termpair commands with serve, share and the --keyfile, --certfile options run perfectly (you can see the HTTPS connection is established):

bkm

Now the question: how can I protect my .key file from unauthorized access and still be able to run termpair on HTTPS without using chmod a+r on the .key file?

Owner

cs01 commented Aug 2, 2021

I generated the cert and key with openssl req -newkey rsa:2048 -nodes -keyout host.key -x509 -days 365 -out host.crt. I then have permissions of

-rw-rw-r--  1  1245 Jun  2 03:03 host.crt
-rw-------  1   1704 Jun  2 03:03 host.key

where the key is only readable by me, and it works fine with TermPair. Does this setup work for you? Do you know what permissions the key had before you added a+r? It might have something to do with the directory it's in (/etc/httpd). Maybe try moving it to your home dir and trying again.

Author

OOOlledj commented Aug 2, 2021

Everything works fine without any modifications to the files with chmod. The certificate and keypair, created with the command you pointed out, were accepted without any notifications or warnings. Thank you.

Probably there was a problem with access rights on the /etc/httpd folder. Permissions are the same as yours:

-rw------- 1 2484 авг 2 11:52 keypair.key
-rw-rw-r-- 1 1789 авг 2 11:53 host.crt

@OOOlledj OOOlledj closed this as completed Aug 2, 2021
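
The cause the thread suspects (a parent directory such as /etc/httpd that the serving user cannot search, rather than the key's own mode) can be checked before starting the server. The following is an added example, not part of the original thread or of TermPair's code; the helper names `allowed` and `audit_key` are hypothetical, and it models only classic owner/group/other mode bits (no ACLs, SELinux or capabilities).

```python
import os
import stat
import tempfile


def allowed(st, uid, gids, bit):
    """Owner/group/other check; bit is 4 (read) or 1 (search/execute)."""
    if uid == 0:
        return True  # root bypasses these mode checks
    if st.st_uid == uid:
        return bool(st.st_mode & (bit << 6))
    if st.st_gid in gids:
        return bool(st.st_mode & (bit << 3))
    return bool(st.st_mode & bit)


def audit_key(key_path, uid, gids):
    """Return findings: can `uid` load the key, and can anyone else read it?"""
    findings = []
    path = os.path.realpath(key_path)
    # Collect every parent directory up to the filesystem root.
    parents = []
    parent = os.path.dirname(path)
    while parent not in parents:
        parents.append(parent)
        parent = os.path.dirname(parent)
    try:
        # Each parent needs the search (x) bit for the serving user.
        for directory in reversed(parents):
            if not allowed(os.stat(directory), uid, gids, 1):
                findings.append(f"no search permission on directory {directory}")
        st = os.stat(path)
    except PermissionError as exc:
        # The user running this audit cannot inspect the path itself.
        return findings + [f"cannot inspect {exc.filename}"]
    if not allowed(st, uid, gids, 4):
        findings.append(f"key not readable by uid {uid}")
    if st.st_mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("key readable by group or others; use chmod 600")
    return findings


if __name__ == "__main__":
    # Constructed demo: an empty placeholder "key" with mode 0644 in a temp dir.
    with tempfile.TemporaryDirectory() as d:
        key = os.path.join(d, "host.key")
        open(key, "w").close()
        os.chmod(key, 0o644)
        print(audit_key(key, os.getuid(), set(os.getgroups())))
```

An empty result for the serving user means the key can stay at mode 600, owned by that user, with no need for `chmod a+r`.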