Charmed Quark Systems, Ltd. - Support Forums and Community

Full Version: New Amazon Echo Support
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
The certificate should be for the name that the javascript on the Amazon side is trying to connect to, which it looks like you have set up correctly on the javascript side. It will go out to the certificate authorities and try to find one that you have registered your certificate with under that name. You did register this certificate somewhere right, i.e. it's not just on your CQC web server?
I guess one thing to check is to make sure you can make a secure connection to our web server from inside the house, i.e. at all. So put some image in the HTMLRoot directory on the web server machine and try to access it:

https://home.zrasdomain.com/whatever.jpg

See if that works.

I never thought about it before as to whether there is an issue that our web server doesn't see itself as the name that the certificate is for. I'm not sure if that is a problem or not. You can't use a publically registered certificate for an internal machine name since you can't access it from the outside. So I'm not sure how exactly that works.

Maybe someone else who knows more about these scenarios can kick in. But if the above simple test doesn't work, then that may be why.
Dean Roddey Wrote:The certificate should be for the name that the javascript on the Amazon side is trying to connect to, which it looks like you have set up correctly on the javascript side. It will go out to the certificate authorities and try to find one that you have registered your certificate with under that name. You did register this certificate somewhere right, i.e. it's not just on your CQC web server?

Yes, I used StartSSL.

I think I did it right.
I poked around and can't find anything about this. Does your router support the installation of certificates? Maybe that's where it has to happen, then after that it's just a non-secure port forward on the way in.
Dean Roddey Wrote:I guess one thing to check is to make sure you can make a secure connection to our web server from inside the house, i.e. at all. So put some image in the HTMLRoot directory on the web server machine and try to access it:

https://home.zrasdomain.com/whatever.jpg

See if that works.


It does. That test succeeds. Obviously though, I'm using my local domain name cqcmaster.zrasdomain.local
Do it using the public domain name. If that doesn't work, then maybe the browser will give us some more useful information.

I looked some more and I'm still confused on this. Some fancy router firewalls do allow you to set up certificates, or at least I see a setting for it. But I'm not sure how it works and what you'd do if using a run of the mill router when it comes to certificates.
In the webserver configuration this is what I have, per the websockets doc.

MStore:My,home.zrasdomain.com

In your example on that doc you used Cathy for the certificate name.

My certificate name is the fully qualified domain name. There was no other option when I created it, hence, "home.zrasdomain.com"
Dean Roddey Wrote:Do it using the public domain name. If that doesn't work, then maybe the browser will give us some more useful information.

From inside of my network this isnt going to work, plus, I don't have port 80 forworded. Only 443.

I'm pretty sure itll work though, because the amazon configuration was working when I was using unsecured port 80.
OK, I'm diffused. Above you said "It does. That test succeeds. Obviously though, I'm using my local domain name cqcmaster.zrasdomain.local". Where did you use that local domain name? If you did:

https://home.zrasdomain.com/whatever.jpg

Then clearly it had to go out to the public network, find your public IP address, and come back in via the HTTPS port and get to our web server ok.

If you do the above and it doesn't work, what error do you get in the browser?
Who is your public certificate registered with?