SSL issue with Central on my internal network

I succeed installing central on my local machine with IP address 192.168.0.18 on my LAN for testing purpose before deploying on my public server. I created a projetct, an app, an app user, upload form and media files and granted rights for the user.

I face a problem when i try to get the form list into collect.

Sale screen as here but I think for other reasons :

Is ther a way to disable ssl certification for lacal testing or a workaround to get a certiciate for my local server (without a domain name)

Thanks a lot

@issa gave me the following info a while back that could be useful?

Central requires HTTPS to be secure, and that it expects the following path structure:

  • https://…/* serves the frontend files. there is no frontend server; in the docker-compose setup we just leverage the nginx ssl terminator to also serve the static files.
  • https://…/v1/* is a proxy to the backend api. (the backend service will wish to see the /v1/ at root)

the backend expectations can be adjusted by proxy rewrites; the frontend may require more work depending on what you wish to set up.

2 Likes

If it's just for testing purposes, you'll probably love using ngrok as described in Testing ODK Collect with a Custom Server and Self Signed Certs and Authentication.

2 Likes

Hello @mathieubossaert.
Could you share a tutorial or image or a description of how to install Central Server .
Best regards.

Hi @famador, here is a link to the documentation with tutorials and guidance: https://docs.opendatakit.org/central-setup/

2 Likes

hello, unfortunately not. I just follow the documentation,
from here because docker is already installed on my machine :
https://docs.opendatakit.org/central-install-digital-ocean/#installing-odk-central

But I am stuck on ssl issue on my local machine. I did not have time to test @LN and @danbjoseph proposals since she answered me.

so the problem you have here is that you are on a local (192.168..) IP address. this means that Let's Encrypt cannot provide a valid SSL certificate for you.

your options are:

  1. set up a local certificate authority that secures your development machine, and install that certificate on your android device (hard, time-consuming)
  2. mess with Central's code to remove HTTPS checks and run everything insecure (not hard, but dangerous)
  3. reinstall Central using a public domain name as suggested in the documentation, rather than use a local IP address
2 Likes

Thank @issa that's it.
As far as I understand, I can install Central without https and access/manage it with firefox.
The https problem only impact the connection between phone and server.
So I will manage form submission through usb.

I haven't installed through the Docker setup recently but I thought I could use ngrok for testing last time I did that. Is that not the case? Note that @mathieubossaert states he just wants to try things out locally before doing a real deployment.

You'll also find that certain Central actions aren't permitted such as downloading a submission CSV.

Maybe this post is relative to our deicsussion :
https://forum.opendatakit.org/t/need-data-collection-help-for-covid-19-response/25442/8?u=mathieubossaert