Osmand SSL not an ssl tls record - web and others work ok

Soporte 5 months ago

Using Apache I could set traccar web (on port 8092) to load ok using https

Using this configuration

Server: gps.myhiddenserver.com

Teltonika and Chinese trackers work OK, and so does the web platform.

It's just the Android client that I can't get to work. I think I'm almost there, but I need some help from you to point out the error.

file:

/etc/httpd/conf.d/gps.myhiddenserver.com.conf
<VirtualHost *:80>
    ServerName gps.myhiddenserver.com
    
    # redirect everything to the secure connection
    Redirect / https://gps.myhiddenserver.com/

    ErrorLog /var/log/httpd/gps.myhiddenserver.com-error.log
    CustomLog /var/log/httpd/gps.myhiddenserver.com-access.log combined
    
    # the lines below were added by the Let's Encrypt bot
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =gps.myhiddenserver.com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

</VirtualHost>

file:

/etc/httpd/conf.d/gps.myhiddenserver.com-le-ssl.conf
<IfModule mod_ssl.c>
SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000)
<VirtualHost *:443>
    ServerName gps.myhiddenserver.com
    # ServerAlias gps.myhiddenserver.com
    DocumentRoot /var/www/gps.myhiddenserver.com/html

    <Directory /var/www/gps.myhiddenserver.com/html>
        Options -Indexes +FollowSymLinks
        AllowOverride All
    </Directory>

    ErrorLog /var/log/httpd/gps.myhiddenserver.com-error.log
    CustomLog /var/log/httpd/gps.myhiddenserver.com-access.log combined

    # redirect to traccar

    ProxyPass /api/socket ws://localhost:8092/api/socket
    ProxyPassReverse /api/socket ws://localhost:8092/api/socket

    ProxyPass / http://localhost:8092/
    ProxyPassReverse / http://localhost:8092/

    # redirect to traccar

    ProxyPass / http://localhost:4435/
    ProxyPassReverse / http://localhost:4435/

    # end redirect to traccar

SSLCertificateFile /etc/letsencrypt/live/gps.myhiddenserver.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/gps.myhiddenserver.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
Header always set Strict-Transport-Security "max-age=31536000"
SSLUseStapling on
</VirtualHost>
</IfModule>

file:

traccar.xml

....

    <entry key='filter.enable'>true</entry>
    <entry key='filter.maxSpeed'>110</entry>
    <entry key='filter.duplicate'>true</entry>
    <entry key='filter.zero'>true</entry>
    <entry key='filter.duplicate'>true</entry>
    <entry key='filter.distance'>90</entry>
    <entry key='filter.future'>86400</entry>

    <entry key='filter.invalid'>true</entry>
    <entry key='filter.skipAttributes.enable'>true</entry>
    <entry key='filter.skipAttributes'>alarm,ignition,result</entry>

    <entry key='web.sanitize'>false</entry>
    <entry key='web.url'>https://myhiddenserver.com</entry>

    <entry key="coordinates.filter">true</entry>
    <entry key="coordinates.minError">50</entry>

    <entry key='web.port'>8092</entry>

    <entry key='osmand.port'>4435</entry>
    <entry key='osmand.ssl'>true</entry>

....

traccar client url points to:

https://gps.myhiddenserver.com:4435

Also tried with:

https://gps.myhiddenserver.com
https://myhiddenserver.com

As you can see in the log, port 4435 is open. Also 80, 443, 5027, 5001, and 5055 (if needed).

2024-06-25 15:10:45  INFO: [T83b12a4f] error - not an SSL/TLS record: [hex dump removed] - NotSslRecordException (...)
2024-06-25 15:10:45  INFO: [T83b12a4f] disconnected
2024-06-25 15:11:16  INFO: [Tee79ce48] connected
2024-06-25 15:11:16  INFO: [Tee79ce48] error - not an SSL/TLS record: [hex dump removed] - NotSslRecordException (...)
2024-06-25 15:11:16  INFO: [Tee79ce48] disconnected
2024-06-25 15:11:47  INFO: [T95ac283f] connected
2024-06-25 15:11:47  INFO: [T95ac283f] error - not an SSL/TLS record: [hex dump removed] - NotSslRecordException (...)
2024-06-25 15:11:47  INFO: [T95ac283f] disconnected

apache log from myhiddenserver.com

my hidden ip is: 123.123.123.123

[root@r2 logs]# tail -n 50 gps.myhiddenserver.com-error.log
[Tue Jun 25 13:35:30.017580 2024] [proxy:error] [pid 36186:tid 140130866120448] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:8092 (localhost) failed
[Tue Jun 25 13:35:30.017645 2024] [proxy_http:error] [pid 36186:tid 140130866120448] [client 123.123.123.123:50174] AH01114: HTTP: failed to make connection to backend: localhost, referer: https://gps.myhiddenserver.com/
[Tue Jun 25 13:35:30.180258 2024] [proxy:error] [pid 36186:tid 140130975160064] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:8092 (localhost) failed
[Tue Jun 25 13:35:30.180297 2024] [proxy_http:error] [pid 36186:tid 140130975160064] [client 123.123.123.123:50175] AH01114: HTTP: failed to make connection to backend: localhost, referer: https://gps.myhiddenserver.com/
[Tue Jun 25 13:35:30.889477 2024] [proxy:error] [pid 36186:tid 140131008730880] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:8092 (localhost) failed
[Tue Jun 25 13:35:30.889512 2024] [proxy_http:error] [pid 36186:tid 140131008730880] [client 123.123.123.123:50177] AH01114: HTTP: failed to make connection to backend: localhost, referer: https://gps.myhiddenserver.com/
[Tue Jun 25 13:35:30.991236 2024] [proxy:error] [pid 36184:tid 140131213678336] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:8092 (localhost) failed
[Tue Jun 25 13:35:30.991284 2024] [proxy_http:error] [pid 36184:tid 140131213678336] [client 123.123.123.123:50178] AH01114: HTTP: failed to make connection to backend: localhost, referer: https://gps.myhiddenserver.com/

The log shows an error, but I don't know where to start fixing it.

Some help from you would be appreciated.

Track-trace 5 months ago

From your log you can see this.

POST /?id=789456&timestamp=1719342642&lat=-25.4955834&lon=-54.6652822&speed=0.0&bearing=0.0&altitude=223.39999389648438&accuracy=12.3100004196167&batt=43.0 HTTP/1.1
User-Agent: Dalvik/2.1.0 (Linux; U; Android 14; CPH2603 Build/UP1A.230620.001)
X-Forwarded-Host: gps.gpsmaxflet.com
X-Forwarded-For: 190.104.176.190
Accept-Encoding: gzip
X-Forwarded-Server: gps.gpsmaxflet.com
Content-Type: application/x-www-form-urlencoded
Via: 1.1 r2.gpsmaxflet.com
X-Forwarded-For: [0:0:0:0:0:0:0:1]
X-Forwarded-Proto: http
X-Forwarded-Host: localhost:8092
X-Forwarded-Server: [0:0:0:0:0:0:0:1]
Host: localhost:4435
Content-Length: 0

Track-trace 5 months ago

In your traccar client app on your android phone just point the server url to: https://gps.gpsmaxflet.com

Anton Tananaev 5 months ago

It seems like you're trying to use port 4435 as HTTPS even though it's not HTTPS.
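
Added example (not part of the thread, and not Traccar or Netty code): a small Python checker for this kind of log entry. It assumes the text after `not an SSL/TLS record:` is a hex dump of the bytes the listener received, decodes it, and reports whether those bytes are a TLS record or a plaintext HTTP request. The sample request, host names and log line are constructed.

```python
import re

# Assumption: the text after "not an SSL/TLS record: " is a hex dump of the
# first bytes the TLS listener received.
LOG_RE = re.compile(r"not an SSL/TLS record: ([0-9a-fA-F]+)")
TLS_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"HEAD ", b"DELETE ", b"OPTIONS ")

def classify(data):
    """Classify received bytes as a TLS record, a plaintext HTTP request, or unknown."""
    # TLS record header: content type (1 byte), version 0x03 0x00..0x04, length (2 bytes).
    if len(data) >= 5 and data[0] in TLS_TYPES and data[1] == 3 and data[2] <= 4:
        return {"kind": "tls", "record": TLS_TYPES[data[0]],
                "length": int.from_bytes(data[3:5], "big")}
    if data.startswith(HTTP_METHODS):
        lines = data.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            # Keep repeated headers: each X-Forwarded-* value is one proxy hop.
            headers.setdefault(name.strip().lower(), []).append(value.strip())
        return {"kind": "http", "request_line": lines[0], "headers": headers}
    return {"kind": "unknown"}

def diagnose(log_line):
    """Return classify() for the hex dump in a log line, or None if there is none."""
    match = LOG_RE.search(log_line)
    if match is None:
        return None
    hex_dump = match.group(1)
    # A truncated dump may end on half a byte; drop the dangling nibble.
    return classify(bytes.fromhex(hex_dump[: len(hex_dump) // 2 * 2]))

# Constructed sample: a plaintext request that passed through two proxy hops.
SAMPLE_REQUEST = (b"POST /?id=123456&lat=0.0&lon=0.0 HTTP/1.1\r\n"
                  b"X-Forwarded-Host: gps.example.com\r\n"
                  b"X-Forwarded-Host: localhost:8092\r\n"
                  b"Host: localhost:4435\r\n\r\n")
SAMPLE_LINE = ("2024-01-01 00:00:00  INFO: [T00000000] error - not an SSL/TLS record: "
               + SAMPLE_REQUEST.hex() + " - NotSslRecordException (...)")

if __name__ == "__main__":
    result = diagnose(SAMPLE_LINE)
    print(result["kind"], result["request_line"])
    print(result["headers"])
```

An `http` result for a port that has `osmand.ssl` set to `true` means the sender is speaking plaintext to a listener that expects a TLS handshake; the `Host` and `X-Forwarded-*` values show which hop sent it.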