Need help with SSL and Zmninja

Discussion topics related to mobile applications for ZoneMinder
Post Reply
RockUser
Posts: 20
Joined: Sun Jan 05, 2020 6:43 am

Need help with SSL and Zmninja

Post by RockUser » Sun Jan 05, 2020 7:00 am

Hello, I recently got Zoneminder installed in my network and I made some self signed certificates to get https working. I had the hardest time getting zmNinja working on my phone. The login portal was found at myServerIpAddress/zm and the Zm Api was found at the myServerIpAddress/zm/api but the cgi-bin path wasn't found until I switched the connection from https to http. I read that Zm Ninja doesn't work well with self signed certificates and so I just switched over to http to make sure my zoneminder install wasn't messed up :P Zm Ninja works just fine after that.
My question was, to make non self signed certificates with something like Let's Encrypt, do I need to own some domain name to associate the certificate with? Let's Encrypt doesn't like when I just use the local ip address of the machine that's running Zoneminder. I don't plan to port forward to get remote access to it; I'm gonna use something like OpenVPN to get access to my zoneminder cameras, so https isn't super important. But I was looking at this guide https://zmeventnotification.readthedocs ... stall.html
And it was saying that I need SSL to get images in my push notifications; I would like to get push notifications working with ZMNinja because it really is a handy app, much better than logging into the web interface. But I don't know how to generate the Let's Encrypt certificates for SSL without owning a domain name. I don't know why all these guides for Let's Encrypt say it's a free way to generate CA signed certificates if I have to own some domain to use it. https://www.tecmint.com/install-free-le ... nd-ubuntu/
Or this guide https://geekflare.com/free-ssl-tls-certificate/
I'm new to networking in general and I just don't get what I need to do to get Zm Ninja push notifications working with images. Can anyone help me?

RockUser
Posts: 20
Joined: Sun Jan 05, 2020 6:43 am

Re: Need help with SSL and Zmninja

Post by RockUser » Mon Jan 06, 2020 7:52 am

I think I found a solution to my problem with Let's Encrypt needing some sort of domain name; I think I can just use something like no ip dot com to get a free domain that my public ip address can point to. Then I can port forward a rasberry pi running openvpn passed my router so I can access that remotely. Hopefully that works.

User avatar
snake
Posts: 337
Joined: Sat May 21, 2016 2:20 am

Re: Need help with SSL and Zmninja

Post by snake » Mon Jan 06, 2020 9:21 pm

RockUser wrote:
Sun Jan 05, 2020 7:00 am
I read that Zm Ninja doesn't work well with self signed certificates
Where did you see that? As far as I know, self signed certs work OK with ZMninja. I can't speak for zmeventnotification server though.

User avatar
asker
Posts: 1493
Joined: Sun Mar 01, 2015 12:12 pm

Re: Need help with SSL and Zmninja

Post by asker » Tue Jan 07, 2020 12:08 am

Not sure which guides you are reading, but zmNinja does not have an issue with self signed certificates. That being said, if you are able to get a domain name (free), use LetsEncrypt.


There are multiple options:

1. You go the LetsEncrypt way. In this case, get a free domain name. There are many free providers, I use duckdns.org - I used to use ddns before but they kept asking me to login every 30 days. Once you have a domain, set up LetsEncrypt for it. You're done.

2. If you go the self signed way, see https://zmninja.readthedocs.io/en/lates ... gned-certs. Note that on Android, you many need to also install that certificate on your phone if you get this issue: https://zmninja.readthedocs.io/en/lates ... in-android

3. Yes, for push notifications to work via zmES, you'll need option 1.

4. In general, always read the official FAQ thoroughly (repeat, thoroughly) first - most questions are answered there. If they are not feel free to suggest an edit. The problem is a lot of 3rd party guides/blogs/articles may be outdated.
Please don't ask me questions via PM. Feel free to post in the forums or Github
Follow this guide to set up logging properly in ZM for ES and hooks
ES docs - please read before posting
zmNinja docs - please read before posting

RockUser
Posts: 20
Joined: Sun Jan 05, 2020 6:43 am

Re: Need help with SSL and Zmninja

Post by RockUser » Wed Jan 15, 2020 10:09 am

Thank you for the replies. I was looking into Let's Encrypt and I realize that I have to be portforwarding port 80 on the machine that's running zoneminder in order to have CA signed certificates. I didn't realize that at first and I kinda want to keep my zoneminder server's direct exposure to the internet to a minimum which is why I was gonna use a vpn to connect to it. I think I'll keep using ZM Ninja because it's handy as opposed to logging on to a machine but I think I'll try it with the vpn.
Thanks for the advice though :D

User avatar
asker
Posts: 1493
Joined: Sun Mar 01, 2015 12:12 pm

Re: Need help with SSL and Zmninja

Post by asker » Wed Jan 15, 2020 10:59 am

This link may be useful https://letsencrypt.org/docs/allow-port-80/

You have other mechanisms (DNS-01 is one) if you don’t want to expose 80.
Please don't ask me questions via PM. Feel free to post in the forums or Github
Follow this guide to set up logging properly in ZM for ES and hooks
ES docs - please read before posting
zmNinja docs - please read before posting

Post Reply

Who is online

Users browsing this forum: No registered users and 3 guests