@dafyre OK Same here, I am using certbot for certs which uses LE.
Latest posts made by chris_jacksys
-
RE: Calling MeshCentral Users / Experts
-
RE: Calling MeshCentral Users / Experts
Thanks, is your Nginx not part of your MeshCentral and on another server? I'll post my config.
server {
    # if ($host = remote.website.co.uk) {
    #     return 301 https://$host$request_uri;
    # } # managed by Certbot

    listen 443 ssl;
    server_name remote.website.co.uk;

    # MeshCentral uses long standing web socket connections, set longer timeouts.
    proxy_send_timeout 330s;
    proxy_read_timeout 330s;

    # We can use the MeshCentral generated certificate & key
    ssl_certificate /etc/letsencrypt/live/remote.website.co.uk/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/remote.website.co.uk/privkey.pem; # managed by Certbot
    ssl on;
    ssl_session_cache shared:WEBSSL:10m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass http://10.9.8.15:4430;
        # proxy_http_version 1.1;

        # Allows websockets over HTTPS.
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        # Inform MeshCentral about the real host, port and protocol
        proxy_set_header X-Forwarded-Host $host:$server_port;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
10.9.8.15 being an example IP of my MeshCentral.
-
Calling MeshCentral Users / Experts
Hi all
I've been lurking here for a few weeks trying to figure out a problem with MeshCentral that I have.
Basically I'm trying to push it through an Nginx server, which is what all of my other web stuff goes through; it's on the same network as my MeshCentral server. In my config file my cert option is 'remote.website.com', my TLSOffload is pointing to the internal IP of my Nginx server, and the cert URL I have tried pointing to website.com and remote.website.com and nothing... when my clients try to connect I get an error server-side saying Bad certificate hash. So I am not entirely sure which bit I need to use.
On my site, I have a cert for remote. and also a wildcard. In Nginx everything seems to be fine, my alias port is 443, and when connecting in from a client, the agent says wss://remote.website.com:443, so that part is correct.
How do I get around the certificate issue??
My Mesh server is port 80 only, no certs that side at all, maybe a self-signed one, which TLSOffload should negate.
I am stuck but would really appreciate some assistance - and would really love to get it working this way! Thanks in advance.
Chris