flynifr Posted January 9, 2010 Posted January 9, 2010 I just got my ISY-99 and I am trying to configure the HTTPS access to use iLinc. I have the port set properly in the ISY to 443 and have set the port forwarding in the Airport Extreme to forward TCP port 443 to the static IP I configured for the ISY. I can access the ISY over HTTP but still no luck with HTTPS. The only reason I need this is that I want iLinc to use my local IP for HTTP when I am home and it will not allow setting 2 HTTP addresses, one must be HTTPS. I did check and my ISP does not block port 443. Quote
tome Posted January 9, 2010 Posted January 9, 2010 I just got my ISY-99 and I am trying to configure the HTTPS access to use iLinc. I have the port set properly in the ISY to 443 and have set the port forwarding in the Airport Extreme to forward TCP port 443 to the static IP I configured for the ISY. I can access the ISY over HTTP but still no luck with HTTPS. The only reason I need this is that I want iLinc to use my local IP for HTTP when I am home and it will not allow setting 2 HTTP addresses, one must be HTTPS. I did check and my ISP does not block port 443. First, in regards to iLinc... I have iLinc configured with my local address and my remote address. It will use http (local address) when it is on the local lan via wifi. It will use the remote address via https when off my local net. I don't understand why you say you want two http addresses? Also, iLinc allows multiple profiles, so if for some reason you really do have/want two local addresses you could set up the other in a different profile. Regrading not being able to connect via https... You have not created a SSL Certificate from a MacOS device have you? There is a problem with certs created and installed from MacOS X at the moment. If not, then make sure the ISY in the Configuration tab is set to port 443 for https and that you have SSL Port on iLinc Pro set to 443 as well. Also, in iLinc the Connect Method should be set to Auto. Tome Quote
flynifr Posted January 9, 2010 Author Posted January 9, 2010 Thanks for the reply. I actually do not want 2 HTTP connections. I want to do exactly what you are doing but I cannot get the HTTPS connection to work. I really think that the problem is with my port forwarding configuration in the Airport Extreme because everything else (ISY, iLinc) matches. I have ISY, iLinc, and Airport Extreme set to use port 443 but to no avail. For now i have set the iLinc to a DynDNS address that I have linked to HTTP port 80 so I can connect from anywhere but that means that sitting around my house I am going out over the internet first then back to the ISY instead of staying on the local network. My Airport Extreme port forwarding configuration is: internal IP 10.0.1.196 Public TCP 80, 443 Private TCP 80,443 Quote
tome Posted January 9, 2010 Posted January 9, 2010 Thanks for the reply. I actually do not want 2 HTTP connections. I want to do exactly what you are doing but I cannot get the HTTPS connection to work. I really think that the problem is with my port forwarding configuration in the Airport Extreme because everything else (ISY, iLinc) matches. I have ISY, iLinc, and Airport Extreme set to use port 443 but to no avail. For now i have set the iLinc to a DynDNS address that I have linked to HTTP port 80 so I can connect from anywhere but that means that sitting around my house I am going out over the internet first then back to the ISY instead of staying on the local network. My Airport Extreme port forwarding configuration is: internal IP 10.0.1.196 Public TCP 80, 443 Private TCP 80,443 Actually, you probably are not going out over the internet, the router is probably issuing a redirect for the dyndns address which it knows is local but in any case.... I will assume that you didn't create a SSL cert for the ISY and that it is using the default cert for now... To take port forwarding out of the picture...what happens when you go to: https://10.0.1.196 in a browser window while on your local network? Tome Quote
flynifr Posted January 9, 2010 Author Posted January 9, 2010 HTTPS://10.0.1.196 from the local network returns "Can't connect to server" Quote
tome Posted January 9, 2010 Posted January 9, 2010 HTTPS://10.0.1.196 from the local network returns "Can't connect to server" So this is not a port forwarding issue. You should be able to get to the device locally via https if you have the port on the ISY set correctly. What version software is your ISY running (Help menu -> About)? Tome Quote
flynifr Posted January 9, 2010 Author Posted January 9, 2010 I just upgraded to 2.7.9 from 2.7.0 but was never able to get it working before either. I double checked both in the Config tab and through Telnet, HTTPS is set to 443. Quote
tome Posted January 9, 2010 Posted January 9, 2010 I just upgraded to 2.7.9 from 2.7.0 but was never able to get it working before either. I double checked both in the Config tab and through Telnet, HTTPS is set to 443. This sure sounds a lot like my problem when I try to create and install a cert from my Mac. To get the ISY back to it's default cert I have to remove the one that gets installed. To do that I telnet to the ISY, log in, and issue the command: RF /CONF/UD.DCF (this removes the file UD.DCF in the /CONF directory which is the cert file). I then reboot the ISY, which can be done at the telnet prompt with: RS I am not saying you should do this, or that it will fix your problem (my disclaimer)... Tome PS: What system are you connecting from? Are you using the admin console app? Quote
flynifr Posted January 10, 2010 Author Posted January 10, 2010 THAT WORKED!! Deleting the SSL Cert fixed the problem. I now get a pop-up reminding me to change the default Certificate but I can wait for the fix in the next build. iLinc now connects via HTTPS and I can connect from a web browser through my DynDNS using either HTTP or HTTPS. Quote
Michel Kohanim Posted January 10, 2010 Posted January 10, 2010 Hi flynifr, There's an issue with MAC/Java/Crypto library which causes the certificates to be created with invalid information. We are looking into it as we speak. If you have a PC, please give that a try and it should be fixed. With kind regards, Michel Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.