Homarr•3mo ago

Problem with ping for self-signed external service

Hello, I am trying to get the status indicators to properly report status. I have managed this by setting the ping URL to the internal address, this has worked for all but one of the services I am running. The one exception is crafty controller, it is running on another computer and it is using a self-signed certificate to establish an https connection, for some reason it never recognises it as up. I have tried with both http:// and https:// at the start of the URL but nothing seems to work this is the result of accessing the URL from curl:

curl http://192.168.100.7:8443
curl: (56) Recv failure: Connection reset by peer

curl https://192.168.100.7:8443
curl: (60) SSL certificate problem: self-signed certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the webpage mentioned above.

curl http://192.168.100.7:8443
curl: (56) Recv failure: Connection reset by peer

curl https://192.168.100.7:8443
curl: (60) SSL certificate problem: self-signed certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the webpage mentioned above.

Solution:

Okay not sure, however I've created a pr that will remove the requirement valid certificates for the ping. It will be released next friday

Jump to solution

6 Replies

Cakey Bot•3mo ago

Thank you for submitting a support request. Depending on the volume of requests, our team should get in contact with you shortly.

⚠️ Please include the following details in your post or we may reject your request without further comment: - Log (See https://homarr.dev/docs/community/faq#how-do-i-open-the-console--log) - Operating system (Unraid, TrueNAS, Ubuntu, ...) - Exact Homarr version (eg. 0.15.0, not latest) - Configuration (eg. docker-compose, screenshot or similar. Use ``your-text`` to format) - Other relevant information (eg. your devices, your browser, ...)

Frequently Asked Questions | Homarr documentation

Can I install Homarr on a Raspberry Pi?

TheRedCyclopsOP•3mo ago

Log: https://privatebin.io/?f6b261b54f5a861c#8BExyyoMKUMUYZhPUkCJdajGeH6cPcThkthdDAJReXiJ OS: OMV (Debian) 7.7.9-1 (Sandworm) Homarr version: 1.24.0 Docker compose:

services:
  homarr:
    image: ghcr.io/homarr-labs/homarr:latest
    restart: unless-stopped
    volumes:
      - homarr:/appdata
    environment:
      - SECRET_ENCRYPTION_KEY=[REDACTED]
      - DOCKER_HOSTNAMES=homarr_proxy
      - DOCKER_PORTS=2375
      - AUTH_PROVIDERS=oidc
      - AUTH_OIDC_ISSUER=https://auth.domain.dev
      - AUTH_OIDC_CLIENT_ID=[REDACTED]
      - AUTH_OIDC_CLIENT_SECRET=[REDACTED]
      - AUTH_OIDC_CLIENT_NAME=Authelia
      - AUTH_OIDC_AUTO_LOGIN=true
      - AUTH_LOGOUT_REDIRECT_URL=https://auth.domain.dev/logout
      - AUTH_OIDC_FORCE_USERINFO=true
    expose:
      - '7575:7575'
    networks:
      - shared
      - default
  socket-proxy:
    image: lscr.io/linuxserver/socket-proxy:latest
    environment:
      - CONTAINERS=1
      - ALLOW_START=1 #optional
      - ALLOW_STOP=1 #optional
      - ALLOW_RESTARTS=1 #optional
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: unless-stopped
    read_only: true
    tmpfs:
      - /run
    networks:
      - default

volumes:
  homarr:
  
networks:
  shared:
    name: base_shared
    external: true

services:
  homarr:
    image: ghcr.io/homarr-labs/homarr:latest
    restart: unless-stopped
    volumes:
      - homarr:/appdata
    environment:
      - SECRET_ENCRYPTION_KEY=[REDACTED]
      - DOCKER_HOSTNAMES=homarr_proxy
      - DOCKER_PORTS=2375
      - AUTH_PROVIDERS=oidc
      - AUTH_OIDC_ISSUER=https://auth.domain.dev
      - AUTH_OIDC_CLIENT_ID=[REDACTED]
      - AUTH_OIDC_CLIENT_SECRET=[REDACTED]
      - AUTH_OIDC_CLIENT_NAME=Authelia
      - AUTH_OIDC_AUTO_LOGIN=true
      - AUTH_LOGOUT_REDIRECT_URL=https://auth.domain.dev/logout
      - AUTH_OIDC_FORCE_USERINFO=true
    expose:
      - '7575:7575'
    networks:
      - shared
      - default
  socket-proxy:
    image: lscr.io/linuxserver/socket-proxy:latest
    environment:
      - CONTAINERS=1
      - ALLOW_START=1 #optional
      - ALLOW_STOP=1 #optional
      - ALLOW_RESTARTS=1 #optional
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: unless-stopped
    read_only: true
    tmpfs:
      - /run
    networks:
      - default

volumes:
  homarr:
  
networks:
  shared:
    name: base_shared
    external: true

Meierschlumpf•3mo ago

You'll need to upload the root of the certificates you trust to homarr certificates page in tools. See https://homarr.dev/docs/management/certificates/ Homarr will only trust, what is on the general trusted list (defined in nodejs) or uploaded as trusted certificate. Certificates are stored in the file system and can also be replaced by a script if necessary: https://homarr.dev/docs/management/certificates/#managing-it-through-file-system

Certificates | Homarr documentation

On this page you can manage your trusted certificates.

TheRedCyclopsOP•3mo ago

I've now added the certificate to the trusted certificates, but it still reports the service as not online, I've uploaded directly the certificate the application serves since it appears to be self signed, is that supposed to work? attached is the certificate in question

650d1d3dc582.pem

Solution

Meierschlumpf•3mo ago

Okay not sure, however I've created a pr that will remove the requirement valid certificates for the ping. It will be released next friday

TheRedCyclopsOP•3mo ago

really nice, thanks! I will close this then

Gaming

Programming

Problem with ping for self-signed external service

Did you find this page helpful?