i think best way just use long password like 32 symbols in PEM style thats sure make life easier also mb crt/key but how it use in curl or other stuff like insomnia? i am think about build some UI for API james cuz i think its rly good API and easy to understand outputs
пн, 3 февр. 2025 г. в 14:47, Benoit TELLIER <btell...@apache.org>: > I think the most straightforward fix is to remove this TLS capability on > webadmin and just expect the user to set up the TLS termination via a > reverse proxy. > > WDYT? > > On 03/02/2025 08:41, Ilya Terskov wrote: > > trying > > curl -v https://hranitel-ist.ru:8443/users > > * Host hranitel-ist.ru:8443 was resolved. > > * IPv6: (none) > > * IPv4: 31.135.32.74 > > * Trying 31.135.32.74:8443... > > * Connected to hranitel-ist.ru (31.135.32.74) port 8443 > > * schannel: disabled automatic use of client certificate > > * ALPN: curl offers http/1.1 > > * schannel: next InitializeSecurityContext failed: SEC_E_INVALID_TOKEN > > (0x80090308) - Предоставленный функции токен неправилен > > * Closing connection > > * schannel: shutting down SSL/TLS connection with hranitel-ist.ru port > 8443 > > curl: (35) schannel: next InitializeSecurityContext failed: > > SEC_E_INVALID_TOKEN (0x80090308) - Предоставленный функции токен > неправилен > > > > on server side NO logs in james.log and in james console tracking all > > (active window) > > > > when try same but http - have log :) > > > > пн, 3 февр. 2025 г. в 14:34, Jean Helou <jean.he...@gmail.com>: > > > >> The first config looks correct. Anything in the logs server side ? > >> > >> Jean > >> > >> Le lun. 3 févr. 2025 à 07:55, Ilya Terskov <prosgar...@gmail.com> a > écrit > >> : > >> > >>> curl -X GET https://hranitel-ist.ru:8443/users > >>> curl: (35) schannel: next InitializeSecurityContext failed: > >>> SEC_E_INVALID_TOKEN (0x80090308) > >>> same for curl -k > >>> > >>> config > >>> enabled=true > >>> port=8443 > >>> host=0.0.0.0 > >>> https.enable=true > >>> https.cert=file://../cert/hranitel-ist.ru-crt.pem > >>> https.key=file://../cert/hranitel-ist.ru-key.pem > >>> https.chain=file://../cert/hranitel-ist.ru-chain.pem > >>> > >>> > >>> > >>> certificate for sure working cuz using on smtp and imap already with > >> paths > >>> <privateKey>file://../cert/hranitel-ist.ru-key.pem</privateKey> > >>> <certificates>file://../cert/hranitel-ist.ru-chain.pem</certificates> > >>> > >>> > >>> пн, 3 февр. 2025 г. в 13:45, Jean Helou <jean.he...@gmail.com>: > >>> > >>>> Hello ilya > >>>> > >>>>> James starting but it not work > >>>> That's a bit vague, what are the symptoms? Is the port open ? How do > >> you > >>>> query webmin ? What are the resonse codes ? > >>>> If you have a http response code, can you try to query /healthcheck ? > >>>> > >>>> Keep in mind that James webmin does not have a UI it is only APIs (but > >> of > >>>> course a UI contribution would be welcome :) ) > >>>> > >>>>> i dont find info about user/pass and how set it up? > >>>> I'm on my phone so I don't have the link but this is documented: there > >> is > >>>> no user/password security. Either webmin is open or you are supposed > to > >>> use > >>>> a jwt token. There are instructions on how to generate the jwt token > in > >>> the > >>>> documentation though it's not very straightforward > >>>> > >>>> Jean > >>>> > >>>> Le lun. 3 févr. 2025 à 06:55, Ilya Terskov <prosgar...@gmail.com> a > >>> écrit > >>>> : > >>>> > >>>>> Hi guys :) > >>>>> i have questions about webadmin.properties > >>>>> cant find full code with descriptions so ask here > >>>>> > >>>>> enabled=true > >>>>> port=8443 > >>>>> host=0.0.0.0 > >>>>> https.enabled=true > >>>>> https.cert=../cert/hranitel-ist.ru-crt.pem > >>>>> https.key=../cert/hranitel-ist.ru-key.pem > >>>>> https.chain=../cert/hranitel-ist.ru-chain.pem > >>>>> i make something like that. James starting but it not work, i ask > >>> chatgpt > >>>>> :) > >>>>> also i dont find info about user/pass and how set it up? > >>>>> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > >
