OSMand app track recording online tracking and secure transmission to traccar server

steviehs2 years ago

I know this was a topic a few years ago (though I do not find it anymore), but as far as I remember, it hasn't been answered:

I have set up traccar server supporting ssl with nginx - traccar android client works fine.
Normally I want to use the OSMand track recording plugin with online tracking:
using http://traccar.example.com:5055?id=1234&lat.... works when Port 5055 is exposed. But I was not successful in setting up a secure connection from OSMand... tried https and ports 443 and setting <entry key='osmand.ssl'>true</entry> but with no success at all.

Is there a chance to get this working?

Anton Tananaev2 years ago

It won't work like that. SSL server requires a lot of configuration. You can't just enable it. You have to have at least the certificate and it's not supported.

What you should do instead is set up an external proxy, like Apache.

steviehs2 years ago

Oh, I did so using nginx as said. Traccar android client is working fine. But is there a chance for the OSMand android app?

Anton Tananaev2 years ago

What's your configuration in the OSMand app?

steviehs2 years ago

See above, this URL works, but it is not secure. When I add https to this URL http://traccar.example.com:5055?id=1234&lat.... I see a lot of logging, but no location updates - so I guess these are errors?

2023-05-02 23:51:33  INFO: [T0eb91550: osmand < 84.171.3.78]
2023-05-02 23:51:33  INFO: [T0eb91550: osmand > 84.171.3.78] 485454502f312e31203430302042616420526571756573740d0a636f6e74656e742d6c656e6774683a20300d0a0d0a

When I change the port to 443, I do not see anything in the logs...

Anton Tananaev2 years ago

It means you haven't proxied it.

steviehs2 years ago

Hmm... I read:

https://www.traccar.org/forums/topic/protocol-over-https/

but I did not see a real solution there?

As I can access traccar Web UI via https and also the traccar android client works with https, it seems that I have set up nginx proxying right, or not? Or do you mean there is some other port to proxy? I am confused...

Anton Tananaev2 years ago

Yes, you have to proxy to the specific port. It sounds like you're just using the web app port, which would only work for Traccar Client.

Track-trace22 years ago

@steviehs

What is your nginx config for proxy and ssl?

steviehs2 years ago

This is my nginx config which works perfectly for traccar android client but not for OSMand android app.

server {
    if ($host = traccar.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 192.168.1.2:80;
    server_name traccar.example.com;
    include /etc/nginx/snippets/ssl.conf;
    include /etc/nginx/snippets/letsencrypt.conf;
    server_tokens off; ## Don't show the nginx version number, a security best practice
    return 301 https://traccar.example.com$request_uri;
    access_log  /var/log/nginx/traccar_access.log;
    error_log   /var/log/nginx/traccar_error.log;
}

server {
    listen 192.168.243.11:443 ssl;
    listen [::]:443 ssl;
    server_name traccar.example.com;
    server_tokens off;
    include /etc/nginx/snippets/letsencrypt.conf;

    set $root_path "/var/www/traccar";

    root $root_path;

    index index.html index.php;

    location /api/socket {
       include proxy_params;
       proxy_http_version 1.1;
       proxy_cache_bypass $http_upgrade;
       proxy_buffering off;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "Upgrade";
       proxy_pass http://localhost:8082/api/socket;

    }

    location / {
       proxy_set_header X-Forwarded-Host $host:$server_port;
       proxy_set_header X-Forwarded-Server $host;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_pass http://localhost:8082/;
    }
    location ~ /.well-known {
       allow all;
       root /var/www/letsencrypt/;
    }
    ssl_certificate /etc/letsencrypt/live/traccar.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/traccar.example.com/privkey.pem; # managed by Certbot
    access_log  /var/log/nginx/traccar_access.log;
    error_log   /var/log/nginx/traccar_error.log;

}

Track-trace22 years ago

@steviehs

I'm sorry to ask, which is your OSMand android app exactly?

steviehs2 years ago

I have opened up the same question in osmand forum but also no reply there. But at the moment this is fine, I will continue using the traccar android client...

Anton Tananaev2 years ago

Not sure why you're asking there when I already explained exactly why it doesn't work and what needs to be done to make it work.

steviehs2 years ago

Sorry, from my side I did not understand exactly what I should do, as my understanding of the osmand tracking protocol is not deep enough.
I guess to add "listen [::]:5055 ssl;" to the secure server section would not be sufficient as the traccar server is already using that port?
Could you give me an example of how to proxy 5055 securely?
Thanks for all your support...
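
An added example, not part of the thread and not from the Traccar project: one way to do what the replies describe, which is to terminate TLS in nginx and proxy to the OsmAnd protocol port rather than the web port. The hex reply in the log above decodes to `HTTP/1.1 400 Bad Request`, so the listener on 5055 speaks plain HTTP. Assumptions: Traccar runs on the same host with that listener on port 5055 (the port from the first post), it accepts the query string on path `/`, and `/osmand` is a hypothetical path name chosen here.

```nginx
# Goes inside the existing "listen ... 443 ssl" server block shown above,
# next to "location /". The certificate and key of that block are reused,
# so no second listener or certificate is needed.

# Exact match: only this one path reaches the device port. Every other
# request still falls through to "location /" and the web app on 8082.
location = /osmand {
    # The trailing slash makes nginx replace "/osmand" with "/" and append
    # the original query string (?id=...&lat=...) unchanged, which is the
    # request shape that already works against port 5055 directly.
    proxy_pass http://127.0.0.1:5055/;
    proxy_http_version 1.1;

    # Pass the public host name and the real client address upstream.
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    # Position reports are small single requests; do not buffer them.
    proxy_buffering off;
}
```

With this in place the OsmAnd online-tracking URL becomes `https://traccar.example.com/osmand` followed by the same query string as before. Port 5055 then no longer needs to be reachable from outside and can be closed at the firewall, so positions are only accepted over TLS.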