I installed Mattermost on Suse Linux with nginx as a proxy. I used openssl to generate SSL. I can access mattermost on browser with HTTP or HTTPS, but when I open on mobile app I cant access with HTTPS.
Can you me to solve this one?
Thanks @thomson for the report.
Which device does the issue reproduce?
Also, are you using the old iOS/Android app (named “Mattermost (2016)”, or the new Beta app?
Hi @jasonblais thanks for reply
I tried on my android app, both beta and ‘Mattermost’.
I built mattermost with nginx on my VM and bridge to my local network.
My question
How can I access it on mobile apps with HTTPS? I tried with http and it’s work smoothly.
Thank you
The problem could be how your SSL certificates are setup, in some cases you need to add additional settings for it to run on every known mobile depending on whether you’re using one of the free certificates like comodo or let’s encrypt.
Also SNI may be an issue for older mobile OS’s and browsers.
You could use this site to test it:
https://www.ssllabs.com/ssltest/analyze.html
But AFAIK this can happen for when accessing it using a browser on mobile, not sure if this same case can be applied to mattermost app.
After you run the above test scroll down to handshake simulation and you will see which devices support the current certificate you’re using.
In some cases simple changing your nginx settings as follow can fix the issue:
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
The above will give u an A+ rating.
Keep in mind that, this is a very specific case scenario with SSL and might not be your issue, this is just me assuming without enough information provided from your side.
Thanks for reply @prixone.
In other case. I worked on my local network, so I created SSL key with openssl. Did mattermost support HTTPS for mobile apps with openssl generated key (test from local network with IP address) ?
Or, how can i create/generate trusted CA for local servers?
Thanks you
@thomson ideally if you could provide information on what error you get in details, we would be able to guide you better, like I said above that was just am assumption, but depending on what kind of error you’re getting, how you’ve setup everything it could be something else completely.