Ssl certificate registered on public address, unable to stream videos on app from internal network

ssl

#1

Steps to reproduce

  1. Install owncloud normally
  2. Install SSL-Certificate from Let’sEncrypt for public adress (internal IP cant be registered)
  3. Try to stream a video on the owncloud-app from internal network

It doesnt work because I installed the ssl certificate for my public address, but I try to stream the video from the internal address, thus the app doesnt trust the source and I cant stream the video. When I try this on a desktop inside the browser it works.

Server configuration

Operating system:
Rapsberry Pi Rasbian

Web server:
Apache

Database:

PHP version:
7.x (i dont really know…)

ownCloud version: (see ownCloud admin page)
newest 9.x


#2

What are you using for DNS on local network?

Windows server would allow you to override your public address with the local IP. Not sure routers provide this functionality.

Please tell me certificate is for domain and not IP?


#3

for dns on local network: normal internal ip address (192.168…), pls specify, if something else was meant :confused:

The certificate is registered for the domain, not the ip as I have a normal contract with my ISP for a dynamic ip (even though it only changes every 6 months)


#4

Sorry, what I meant is that within your local DNS server, you need to add your domain as an A record so that your local DNS server doesn’t even attempt to request your external IP from an external DNS server. This way, when resolving to yourdomain.com from within the network, you’ll receive the local IP, but the domain name will be able to validate against the certificate authority.

I know this can be done if your DNS is running through Windows Server easily. If you don’t have a Windows Server on the network, then you may need to setup your network DNS to come from the same box as your ownCloud install.

As said previous, not sure a simple router will be able to accept custom A records (depends what it is though).


#5

ok…so from what i understood I have to set up my Raspberry Pi as an additional DNS server, so that I can address it without using the internal IP, but instead use the normal domain name using an A record…right?

If this is too complicated though, I think I will have to stream videos from a browser on a computer. (I think that works normally, even from the internal address)