Re: Apache webadmin

Benoit TELLIER Sun, 02 Feb 2025 23:47:36 -0800

I think the most straightforward fix is to remove this TLS capability onwebadmin and just expect the user to set up the TLS termination via areverse proxy.


WDYT?


On 03/02/2025 08:41, Ilya Terskov wrote:

trying
curl -v https://hranitel-ist.ru:8443/users
* Host hranitel-ist.ru:8443 was resolved.
* IPv6: (none)
* IPv4: 31.135.32.74
*   Trying 31.135.32.74:8443...
* Connected to hranitel-ist.ru (31.135.32.74) port 8443
* schannel: disabled automatic use of client certificate
* ALPN: curl offers http/1.1
* schannel: next InitializeSecurityContext failed: SEC_E_INVALID_TOKEN
(0x80090308) - Предоставленный функции токен неправилен
* Closing connection
* schannel: shutting down SSL/TLS connection with hranitel-ist.ru port 8443
curl: (35) schannel: next InitializeSecurityContext failed:
SEC_E_INVALID_TOKEN (0x80090308) - Предоставленный функции токен неправилен

on server side NO logs in james.log and in james console tracking all
(active window)

when try same but http - have log :)

пн, 3 февр. 2025 г. в 14:34, Jean Helou <jean.he...@gmail.com>:

The first config looks correct. Anything in the logs server side ?

Jean

Le lun. 3 févr. 2025 à 07:55, Ilya Terskov <prosgar...@gmail.com> a écrit
:

curl -X GET https://hranitel-ist.ru:8443/users
curl: (35) schannel: next InitializeSecurityContext failed:
SEC_E_INVALID_TOKEN (0x80090308)
same for curl -k

config
enabled=true
port=8443
host=0.0.0.0
https.enable=true
https.cert=file://../cert/hranitel-ist.ru-crt.pem
https.key=file://../cert/hranitel-ist.ru-key.pem
https.chain=file://../cert/hranitel-ist.ru-chain.pem



certificate for sure working cuz using on smtp and imap already with

paths

<privateKey>file://../cert/hranitel-ist.ru-key.pem</privateKey>
<certificates>file://../cert/hranitel-ist.ru-chain.pem</certificates>


пн, 3 февр. 2025 г. в 13:45, Jean Helou <jean.he...@gmail.com>:

Hello ilya

James starting but it not work

That's a bit vague, what are the symptoms? Is the port open ? How do

you

query webmin ? What are the resonse codes ?
If you have a http response code, can you try to query /healthcheck ?

Keep in mind that James webmin does not have a UI it is only APIs (but

of

course a UI contribution would be welcome :) )

  i dont find info about user/pass and how set it up?

I'm on my phone so I don't have the link but this is documented: there

is

no user/password security. Either webmin is open or you are supposed to

use

a jwt token. There are instructions on how to generate the jwt token in

the

documentation though it's not very straightforward

Jean

Le lun. 3 févr. 2025 à 06:55, Ilya Terskov <prosgar...@gmail.com> a

écrit

Hi guys :)
i have questions about webadmin.properties
cant find full code with descriptions so ask here

enabled=true
port=8443
host=0.0.0.0
https.enabled=true
https.cert=../cert/hranitel-ist.ru-crt.pem
https.key=../cert/hranitel-ist.ru-key.pem
https.chain=../cert/hranitel-ist.ru-chain.pem
i make something like that. James starting but it not work, i ask

chatgpt

:)
also i dont find info about user/pass and how set it up?


---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
For additional commands, e-mail: server-user-h...@james.apache.org

Re: Apache webadmin

Reply via email to