-
Notifications
You must be signed in to change notification settings - Fork 38
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tailscale post-install setup requires a valid NAS SSL cert #62
Comments
The actual release is https://github.com/tailscale/tailscale-qpkg/releases/tag/v1.34.1, please use that one. |
DentonGentry
added a commit
to tailscale/tailscale
that referenced
this issue
Dec 30, 2022
When the user clicks on the Tailscale app in the QNAP App Center, we do a GET from /cgi-bin/authLogin.cgi to look up their SID. If the user clicked "secure login" on the QNAP login page to use HTTPS, then our access to authLogin.cgi will also use HTTPS but the certiciate is self-signed. Our GET fails with: Get "https://10.1.10.41/cgi-bin/authLogin.cgi?sid=abcd0123": x509: cannot validate certificate for 10.1.10.41 because it doesn't contain any IP SANs or similar errors. Instead, access QNAP authentication via http://localhost:8080/ as documented in https://download.qnap.com/dev/API_QNAP_QTS_Authentication.pdf Fixes tailscale/tailscale-qpkg#62 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
I did try that release at one point but got confused since "Open" didn't do anything and I had already seen the pre-released version did... but now I notice it's because I should have followed the setup instructions from that release's README.md. |
DentonGentry
added a commit
to tailscale/tailscale
that referenced
this issue
Jan 3, 2023
When the user clicks on the Tailscale app in the QNAP App Center, we do a GET from /cgi-bin/authLogin.cgi to look up their SID. If the user clicked "secure login" on the QNAP login page to use HTTPS, then our access to authLogin.cgi will also use HTTPS but the certiciate is self-signed. Our GET fails with: Get "https://10.1.10.41/cgi-bin/authLogin.cgi?sid=abcd0123": x509: cannot validate certificate for 10.1.10.41 because it doesn't contain any IP SANs or similar errors. Instead, access QNAP authentication via http://localhost:8080/ as documented in https://download.qnap.com/dev/API_QNAP_QTS_Authentication.pdf Fixes tailscale/tailscale-qpkg#62 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
DentonGentry
added a commit
to tailscale/tailscale
that referenced
this issue
Jan 3, 2023
When the user clicks on the Tailscale app in the QNAP App Center, we do a GET from /cgi-bin/authLogin.cgi to look up their SID. If the user clicked "secure login" on the QNAP login page to use HTTPS, then our access to authLogin.cgi will also use HTTPS but the certiciate is self-signed. Our GET fails with: Get "https://10.1.10.41/cgi-bin/authLogin.cgi?sid=abcd0123": x509: cannot validate certificate for 10.1.10.41 because it doesn't contain any IP SANs or similar errors. Instead, access QNAP authentication via http://localhost:8080/ as documented in https://download.qnap.com/dev/API_QNAP_QTS_Authentication.pdf Fixes tailscale/tailscale-qpkg#62 Signed-off-by: Denton Gentry <dgentry@tailscale.com> (cherry picked from commit 467ace7)
coadler
pushed a commit
to coder/tailscale
that referenced
this issue
Feb 2, 2023
When the user clicks on the Tailscale app in the QNAP App Center, we do a GET from /cgi-bin/authLogin.cgi to look up their SID. If the user clicked "secure login" on the QNAP login page to use HTTPS, then our access to authLogin.cgi will also use HTTPS but the certiciate is self-signed. Our GET fails with: Get "https://10.1.10.41/cgi-bin/authLogin.cgi?sid=abcd0123": x509: cannot validate certificate for 10.1.10.41 because it doesn't contain any IP SANs or similar errors. Instead, access QNAP authentication via http://localhost:8080/ as documented in https://download.qnap.com/dev/API_QNAP_QTS_Authentication.pdf Fixes tailscale/tailscale-qpkg#62 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I decided to try out the new QNAP package on:
https://github.com/tailscale/tailscale-qpkg/releases/download/qnap-v1.34.1/Tailscale_1.34.1-1_arm-x41.qpkg
After install, clicking on the Tailscale app to set it up fails with an SSL error in the body of the page that opened.
The install docs should mention a valid SSL cert is required and/or suggest how to do it from the CLI manually... which is what I ended up doing to workaround that with
/share/CACHEDEV1_DATA/.qpkg/Tailscale/tailscale up
After I got Tailscale up and I changed QNAP to not force HTTPS logins to test this out, I was able to log in via HTTP:// on the Tailscale interface IP address and the Tailscale web UI loaded.
QTS 5.0.1.2248
TS version 1.34.1-1
The text was updated successfully, but these errors were encountered: