Jump to content
Not connected, Your IP: 52.15.170.196
smokerlolilol

QBittorrent access it in https

Recommended Posts

Hi,
I want to access qbittorrent webui in https. I am of course connected to the vpn

First of all, I will explain you how I did to access to the synology in https, because I am able to connect to synology in https.

For this, I created a DDNS in synology.


It created automatically an https certificate.


After that, I created a forwarded ports in airvpn



So, when I write https://MY_DDNS.synology.me:FORWARDED_PORT, it work without any problem !


Now, for qbittorrent, I also fowarded the port


After that, I export the certificate.



It gave me a .zip file of these files



I put the file ECC-cert.pem and the file ECC-privkey.pem in my qbittorrent config folder.



Finally, when I try to access https://MY_DDNS.synology.me:FORWARDED_PORT, it does not work.

Do you know what I did wrong?

Thank you
 

 

Share this post


Link to post
1 hour ago, smokerlolilol said:

it does not work.


You omitted the most important information in that whole post – the resulting error message. Or at least a description of what is not working. Is it reachable? If yes, do the browsers give you cert warnings?
Did Synology give you two certificates with different ciphers, or what's the difference between the RSA and ECC sets?

What I'm also seeing is that you've got an additional chain certificate for verification of intermediate CAs. It must be verified, too, otherwise any browser will have trust issues. You've got two options: Join the cert and the chain into one file, or let a reverse proxy handle HTTPS.
If you want to try joining them, paste the contents of -chain.pem directly after -cert.pem and save it as something like -fullchain.pem. Use the new file as the certificate. Keep to one cipher, don't mix ECC and PEM. If it doesn't work, try reversing the order.
If you want to try reverse proxying, have a look at the wiki. More involved, though.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
Quote
You omitted the most important information in that whole post – the resulting error message.

Sorry, your right.
I get the error on chrome: ERR_CONNECTION_CLOSED
image.png.3aa2f994f905fcc6c49bc22e8026bf30.png

So, in brief, it is not reachable.
Quote
 Did Synology give you two certificates with different ciphers, or what's the difference between the RSA and ECC sets?
I have only one certificate.
I have no idea what is the difference between RSA and ECC 😕
Quote
If you want to try joining them, paste the contents of -chain.pem directly after -cert.pem and save it as something like -fullchain.pem. Use the new file as the certificate. Keep to one cipher, don't mix ECC and PEM. If it doesn't work, try reversing the order.

I search where the certificate was store on the nas. I found it here: /usr/syno/etc/certificate/_archive/qKH5Xm/ECC-fullchain.pem and it already have fullchain
image.png.69f27e657bf82212516c49eaacfd879f.png

I try with fullchain.pem + privkey.pem, ECC-fullchain.pem + ECC.privkey.pem and RSA-fullchain.pem + RSA.privkey.pem, but I have the same result.

Share this post


Link to post
22 minutes ago, smokerlolilol said:

So, in brief, it is not reachable.


So you shouldn't have bothered with trying all these combinations – qB doesn't seem to even come to send them to the browser. The question is: Only when trying to access it via AirVPN, or even in the local network? So please verify that qB web can be viewed from the machine it's running on, and if that works, verify qB web working from your local network.

Next, the qB log will probably help a great deal. Paste it here.

Then, please refrain from making screenshots – always copy text. Unless you are explicitly asked to provide a screenshot.

And last, in other news, this is slowly turning into a qB support request – moved to Off-Topic.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Qbittorrent work on my local network when it is in http.

Logs (yes, it is only one line):

(C) 2021-09-13T16:21:12 - Web UI: HTTPS setup failed, fallback to HTTP

I will try to make an reverse proxy, because I think it will be more simple.

Share this post


Link to post
According to the source, this message is thrown after key and cert are read. The setupHttps function uses these two and returns a false (= failure) if either cert or key file are empty. Which leads me to believe that one or both of the files you enter there cannot be read due to permissions or something. Make sure those certs are present at the path /XXX/ and readable by the user running qB. Best change the owner (chown <user>) instead of making the file readable by other (chmod o+r).

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Hi,
You are probably right, but I found a way that like that, I am no longer obligate to remember the port !

First of all, you will need to reproduce the step made here: https://mariushosting.com/synology-how-to-enable-https-on-dsm-7/ (Do not do the step 3!!!)

Then, you will need to reproduce the step made here: https://mariushosting.com/synology-how-to-add-wildcard-certificate/

Finally, you will need to add an forwarded ports on the local port 443.
So, basically this (sorry, I know you don't like image, but I think it is really usefull in this case):
image.png.63cc9b9f1b6ffaa94a9627b82f1d22a8.png

Now, you should be able to access to: https://NAME_OF_THE_APPLICATION.YOUR_DDNS.synology.me:YOUR_FORWARDED_PORT/

I hope it can help some people.

Thank you for your help @OpenSourcerer

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...