Mrot

force_https not working on linux

Recommended Posts

On Ubuntu Server 16.04.1 LTS (Xenial Xerus) I've installed Resilio Sync and started by:

systemctl enable resilio-sync

adjusted the /etc/resilio-sync/config.json file:

{
    "listening_port" : 0,
    "storage_path" : "/var/lib/resilio-sync/",
    "pid_file" : "/var/run/resilio-sync/sync.pid",
    "agree_to_EULA": "yes",

    "webui" :
    {
        "listen" : "0.0.0.0:999",
        "login" : "xxx",
        "password_hash" : "xxx"
    }
}

restarted the service, and everything works fine, on URL http://196.168.666.666:999/gui.

Next, I'm creating a certificate in /etc/resilio-sync/ folder:

openssl req -x509 -nodes -days 9999 -newkey rsa:2048 -keyout sync.key -out sync.crt

and updating config.json:

{
    "listening_port" : 0,
    "storage_path" : "/var/lib/resilio-sync/",
    "pid_file" : "/var/run/resilio-sync/sync.pid",
    "agree_to_EULA": "yes",

    "webui" :
    {
        "listen" : "0.0.0.0:999",
        "login" : "xxx",
        "password_hash" : "xxx"

        ,"force_https" : true
        ,"ssl_certificate" : "/etc/resilio-sync/sync.crt"
        ,"ssl_private_key" : "/etc/resilio-sync/sync.key"
    }
}

Unfortunately, now when I access https://196.168.666.666:999/gui the connection fails. Any idea what may be wrong?

Share this post


Link to post
Share on other sites

I am having the exact same problem.

This works:

{
    "storage_path" : "/var/lib/resilio-sync/",
    "pid_file" : "/var/run/resilio-sync/sync.pid",

  "webui" :
  {
    "listen" : "0.0.0.0:8888"

    ,"allow_empty_password" : false
    ,"force_https" : true
//    ,"ssl_certificate" : "/etc/letsencrypt/live/www.iridescentsky.com/fullchain.pem"
//    ,"ssl_private_key" : "/etc/letsencrypt/live/www.iridescentsky.com/privkey.pem"

  }
}
 

This does not:

{
    "storage_path" : "/var/lib/resilio-sync/",
    "pid_file" : "/var/run/resilio-sync/sync.pid",

  "webui" :
  {
    "listen" : "0.0.0.0:8888"

    ,"allow_empty_password" : false
    ,"force_https" : true
    ,"ssl_certificate" : "/etc/letsencrypt/live/www.iridescentsky.com/fullchain.pem"
    ,"ssl_private_key" : "/etc/letsencrypt/live/www.iridescentsky.com/privkey.pem"

  }
}
 

systemctl status resilio-sync shows no errors. The daemon loads by every indication but i cannot connect with the daemon when i use my own cert/key. I am using these files with apache and others without any issue.

 

Share this post


Link to post
Share on other sites

Because you have a , (comma) to much in the part that doesnt work.

Try this

 {
    "storage_path" : "/var/lib/resilio-sync/",
    "pid_file" : "/var/run/resilio-sync/sync.pid",

  "webui" :
  {
    "listen" : "0.0.0.0:8888"

    ,"allow_empty_password" : false
    ,"force_https" : true
    ,"ssl_certificate" : "/etc/letsencrypt/live/www.iridescentsky.com/fullchain.pem"
    "ssl_private_key" : "/etc/letsencrypt/live/www.iridescentsky.com/privkey.pem"

  }
}

 

Share this post


Link to post
Share on other sites

Hello!

I have the same problem on a debian9 VM with Resilio Sync.

I tried all the versions from this thread - without success!

Here my /etc/resilio-sync/config.json:

Quote

{
    "storage_path" : "/var/lib/resilio-sync/",
    "pid_file" : "/var/run/resilio-sync/sync.pid",

    "webui" :
    {
        "listen" : "0.0.0.0:8888"
        
    ,"force_https" : true
    ,"ssl_certificate" : "/etc/resilio-sync/cert.pem"
    "ssl_private_key" : "/etc/resilio-sync/pkey.pem"
    }
}

cert.pem is the "Server Certificate"
pkey.pem is the "Private Key"

The command systemctl status resilio-sync.service ends with an error (see enclosed file).

What's wrong? What can I do?

Many thanks in advance!

Thomas

resilio_error1.jpg

Share this post


Link to post
Share on other sites

Hi thomas,

You forgot a comma in your json file: 

"force_https" : true
    ,"ssl_certificate" : "/etc/resilio-sync/cert.pem"
    "ssl_private_key" : "/etc/resilio-sync/pkey.pem"

missing an ',' just before "ssl_private_key". This comma closes the previous line

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.