Does Traccar Manager support HTTPS protocol?

Krzysztofa year ago

Traccar Manager app does seem to have issues while connecting to server via https

What is the problem and quick description

I'm having problems connecting my Traccar Manager app to my Traccar Server.
I've used the app with success when I was accessing server trough http protocol but for security reason I've switched to https (with self-signed certificate) and I can not access it.

My server setup

My server is in local network with local IP and accessed from outside via NAT and port forwarding.
Server is lintening for https at port 443 and http at port 8082 on local IP.
Https is port-forwarded for port 50000 to outside world and port 8082 is for local access only (ie not forwarded for security reasons).
Web interface is accessible at https://PUBLIC_IP_ADDR:50000 and works flawlessly.
Tracecar trackers ports are also forwarded on my router to different public ip ports for security reasons and they work fine.
In this setup Traccar has almost no changes in configuration except for adding https support.

My app setup

I try to connect to server via WAN and HTTPS using https://PUBLIC_IP_ADDR:50000 and got error:

Server connection failed.

with no more explanation.

I also tried connecting via LAN and HTTPS to https://LOCAL_IP_ADDR and https://LOCAL_IP_ADDR:443 ald also got the same error.

I tried to connect to server via LAN and HTTP at http://LOCAL_IP_ADDR:8082 and it worked fine.

Conclusion

From what I can see it looks like Traccar Manager has no support for https protocol. I'd prefer not to open port for http traffic just to connect this app to server so i'm forced to use mobile web browser (which looks similar but is slightly less responsive than the app).
If I'm wrong and missing something please let me know.

Anton Tananaeva year ago

Can you provide URL?

Krzysztofa year ago

You can look into it on https://nerdrack.ddns.net:50000

Anton Tananaeva year ago

You are using invalid certificate:

NET::ERR_CERT_AUTHORITY_INVALID
Krzysztofa year ago

Yes, as I've written before I'm using self signed certificate - default one generated by system.
Did you get that error in browser or is that from logs from traccar manager app?
While in browser this can be bypassed:

   In firefox: by clicking 'Advanced' and 'Accpet risk, continue'.
    In Chrome: by clicking 'Advanced' and 'Open website XXXXX (insecure)'

This is only due to fact that this is self signed certificate - untrusted but valid.

I've created my own CA and signed certificate that this server is using. So basically my phone with traccar manager trusts this website - it has green lock on url bar when i visit it via browser. Not it's the same as if i were to use SSL certificate that I'd bought for this domain (at least for me and for everyone who would install this CA).

After adding this CA I've tried all steps from above and still i get the same error.

If You are willing to try further help me I'd gladly send over my CA via email or other more personal than forum means of communication, so You can try it in VM or android emulator (not to install my CA in your devices since You don't know me and I understand if You had some safety concerns regarding installing unknown CA ;) ).

I doubt it's certificate problem basing on what I've tried but I still may be wrong.

Anton Tananaeva year ago

Your browser trusts it or your phone trusts it? I'm almost certain that it's a certificate issue. Just get a valid trusted certificate. I don't see any good reason not to.

Krzysztofa year ago

Since I installed ca on phone directly under trusted root ca whole android should trust this ca.
I'm fiddling with server and my networking setup as well as with my domain name (thats why it ddns for now) so I thought I'd go with self-signed certs for now.
I hope to get 'proper' certificate as soon as I can then.

Thank You very much for help