[Important] Printoid and full SSL support

Posted on by Anthony STEPHAN

Some of you are connecting to their OctoPrint server using SSL (HTTPS) for security reasons, what I can totally understand.

But according the configuration (and especially the reverse-proxy one) that may result on the following screen when trying to access your OctoPrint web interface:

test

Fortunately, you can bypass this screen by clicking on “Continue to this website”, or adding the server self-signed certificate to the trusted certificates.

In Printoid, this is a bit harder. Indeed, I’ve tried a patch that will execute the same action than the previous button (“Continue to this website”), bypassing the certificate verification. But… the update has been rejected by Google Play: I can’t do that dues to the Google Play security policies.

So, when your activate the SSL support in Printoid, you will probably get the following error:

screenshot_20170112-203609

1st solution: add the self-signed SSL certificate to Android

Here’s a great article I’ve found on coderwall.com, thanks to Sergi from Barelona:

Some people are developers. Some of them have secure sites. What’s more incredible, some want to test their websites on mobile phones with a environment as similar as possible to the production one, so they want to use a self-signed SSL certificate. Then, why it’s so difficult to do it?

After much trial and error, here’s a bulletproof guide to do in on Linux:

  • Open Firefox (I suppose it’s also possible with Chrome, but it’s easier for me with FF)
  • Visit your development site with a self-signed SSL certificate.
  • Click on the certificate (next to the site name)
  • Click on “More information”
  • Click on “View certificate”
  • Click on “Details”
  • Click on “Export…”
  • Choose “X.509 Certificate whith chain (PEM)”, select the folder and name to save it and click “Save”
  • Go to command line, to the directory where you downloaded the pem file and execute “openssl x509 -inform PEM -outform DM -in <certificatename>.pem -out <certificatename>.crt”
  • Copy the .crt file to the root of the /sdcard folder inside your Android device
  • Inside your Android device, Settings > Security > Install from storage. It should detect the certificate and let you add it to the device
  • Browse to your development site. The first time it should ask you to confirm the security exception. That’s all. The certificate should work with any browser installed on your Android (Browser, Chrome, Opera, Dolphin…)

Remember that if you’re serving your static files from a different domain (we all are page speed bitches) you also need to add the certificate for that domain.

The full article can be found at this link.

I have not tried this method by myself, because I don’t use SSL. But we can found the same method in many other blogs/forums, so I think this is reliable.

 

2nd solution: auto-trust the self certificates

Since Printoid v7.09, you can check the “Auto-trust self-signed certificate” option in your OctoPrint profile.

When this option is enabled, Printoid will be able to automatically accept the certificate when requested by the HTTPS commands. Enable this option at your own risks, I’m not responsible of the consequences!

Don’t hesitate to contact me to share your experience with Printoid and the SSL support.

Advertisement

One thought on “[Important] Printoid and full SSL support

  1. Pingback: Version 7.09 (05/12/2017) – Printoid for OctoPrint

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s