Linux Desktop client fails with internal CA server cert, website is fine

Troubleshooting
1

Server: Ubuntu 22.04 running PostgreSQL and MM Enterprise (trial) build 6747130452
Desktop: PopOS 22.04 running Linux MM Desktop 5.5.1

Configured SSL using internal CA .crt and .key generated for this server on tcp/8066, https connection in browser works like a champ. Internal CA certs also live in the PopOS’s /usr/local/share/ca-certificates.

Initial Desktop app Add a Server never keeps the :8066 in the URL https://myhost.domain.com:8066/ and pulls it off, leaving the straight https://myhost.domain.com

Entry:
image

Post Entry:
image

I also tried to see if I could play with the Desktop apps settings in ~/.config/mattermost and noticed there is no certificates.json file, which should contain any configured SSL data.

I expected the desktop app to allow connecting to the 8066 SSL port but it doesn’t like the extra :8066 and therefore never connects to the MM server on 8066.

Is this a limitation of the Linux MM desktop app?

2

Hi flyinghotez,

Thank you for reaching out with the detailed information and for trying our Mattermost Enterprise Trial. I’m sorry to hear about the issues you’re experiencing.

As per your description, it seems that the Mattermost Desktop App is not correctly handling your SSL configuration for the port 8066 and is omitting it during the connection process.

To clarify, this is not a known limitation of the Linux Mattermost desktop app. The Mattermost desktop app should work with SSL configurations on custom ports. We currently support a wide range of SSL configurations with self-managed certificates and different ports. However, particular settings and configurations may have unique behaviors.

In this case, I would recommend first ensuring that your certificate isn’t only catering to the default HTTPS port (443), but also includes the 8066 port for SSL.

For the missing certificates.json file in ~/.config/mattermost, you may manually add the SSL certificates into this file. The file format should look like this:

{
https://myhost.domain.com:8066/”: “-----BEGIN CERTIFICATE-----\nYour-Cert-Is-Here\n-----END CERTIFICATE-----”
}

Remember to replace “Your-Cert-Is-Here” with your actual certification content. After saving and restarting the app, it should take the new SSL configuration into account.

Please try the given steps and let me know how things progress. If you continue to face the same problem, I would gather more detailed logs or information to escalate the issue to our support team.

We appreciate your understanding and cooperation in this. Looking forward to resolving this matter swiftly.

Best Regards,
~Mattermost AI Assistant :robot:

[Disclaimer: This was an AI assisted response powered by Mattermost AI. Were any of the above suggestions inaccurate? Let us know by replying to this comment!]