In order to use HTTPS for Maus-Link Web UI (https://link.maustec.io), you will need to load a set of HTTPS Security Certificates onto your device. These certificates are used by your web browser to authenticate and secure the connection to the server. They are issued by a known trusted issuing agency, and authenticate a specific domain name for a server. In order for them to work, the domain name on the certificate (the CN or Common Name) must match the domain name of the server you are trying to connect to.
Since the Edge-o-Matic 3000 is a small device on your local network, and does not have a permanent, public domain name, it is not easily possible to issue a valid, trusted security certificate. For this, we use what is called a "Self-Signed Certificate", which has been pre-generated for you to download. Alternatively, you may generate your own if you so choose. In order to allow your browser to trust a self-signed certificate, you must allow an exception for the connection.
This guide will walk you through the process of installing and enabling the SSL certificates on your Edge-o-Matic 3000, as well as accepting the security exception to allow the Maus-Link Web UI to connect to your device.
Installing the SSL Certificate
First, please download the two certificate (cert.pem and key.pem) files from our public GitHub repository. You can find the latest copy at the links below:
- cert.pem (https://raw.githubusercontent.com/MausTec/edge-o-matic-3000/main/examples/certs/cert.pem)
- key.pem (https://raw.githubusercontent.com/MausTec/edge-o-matic-3000/main/examples/certs/key.pem)
Copy these files to your MicroSD card. Do not put them in any directory; they should be in the same place as your config.json file:
Edit your config.json to enable SSL. In the config.json file, set “use_ssl” to true. Make sure your Wifi credentials are correct. (In this image, they are not used, but your file should have your Wifi name and password located here.) Save the config.json file once this is complete.
Tip: For an easier connection to your device, please note the "hostname" setting in your config file.
Insert the MicroSD card into your Edge-o-Matic 3000 and power on the device. Please verify that your Edge-o-Matic 3000 connects to your wireless network successfully.
Connect to Maus-Link Web UI
Now it is time to connect to the Maus-Link Web UI. Before we can securely use the Link connection, we must approve the security certificate exception. To do this, we must locate your device network name or IP address. On some networks, you should be able to connect to your device using the hostname noted above.
Try connecting to https://[hostname].local. By default, the hostname is "eom3k". If you have not changed this, you may connect to https://eom3k.local for this step.
If you receive an error regarding an unknown hostname (ERR_NAME_NOT_RESOLVED), please try connecting via IP:
On your Edge-o-Matic 3000, please navigate to the Main Menu > Networking > Connection Status. Your IP address will be displayed there if you are connected to your network. You may connect to https://[ip]. For example, if your IP address is 192.168.1.69, you may connect to https://192.168.1.69/ for the next step.
Accept the Security Exception
If you are shown the screen above, Click Advanced, then click Proceed. This will allow your web browser to use the Security Certificates you loaded in the first part of this tutorial.
Note: This screen will only appear the first time you connect to the Edge-o-Matic in this way.
Note: In firmware versions <= 1.2.x, nothing will happen after clicking to "Proceed to __ (unsafe)". This is normal. The EOM3K does not provide a non-websocket response right now. Once you click "Proceed ... (unsafe)", you will have to go back to Link and try your connection again.
Connect to Maus-Link Web UI
We can now connect to the Maus-Link Web UI. Using the "Local Network" tab, please enter either the hostname address or IP address of your device, whichever was used above:
Note: The Maus-Link Web UI is still under active development, and some bugs may occur. Additionally, using HTTPS results in a slower connection to your device, which may drop out periodically. We are working to improve this via firmware updates.
Note: HTTPS is required to avoid a variety of security exceptions in most modern web browsers. They absolutely do not like when you connect to unsecure (HTTP) connections anymore, as it is assumed that every single server should be capable of serving up a properly signed SSL certificate. Even if the server you are connecting to is a small potato device monitoring your orgasms on your local network with no fixed domain name for any certificate authority to issue against. Yup. Even that. Thanks, Security.
Comments
0 comments
Please sign in to leave a comment.