Comments (6)
killmasta93
commented on June 2, 2024
1
Thanks for the reply, forgot to close this as meshserver had an update for cloudflare proxy
https://meshcentral2.blogspot.com/2020/12/meshcentral-ioactive-security-review.html
from meshagent.
jsastriawan
commented on June 2, 2024
Does that proxy support Websocket? MeshAgent connection uses Secure Websocket.
from meshagent.
killmasta93
commented on June 2, 2024
Thanks for the reply, im attaching photo on cloudflare it shows this
from meshagent.
killmasta93
commented on June 2, 2024
I was reading on the Help on cloud flare it says this
Can I use WebSockets over SSL?
Yes, Cloudflare SSL fully supports WebSockets traffic passing through our network.
from meshagent.
killmasta93
commented on June 2, 2024
bump anyone else?
from meshagent.
masonh
commented on June 2, 2024
The Cloudflare proxy does TLS termination in their network, so the client will see a Cloudflare TLS certificate rather than the one configured on your MeshCentral server. As far as I know, there is no way to make Cloudflare proxy the traffic "dumbly".
You can verify whether this issue affects you by checking the MeshCentral logs, where connecting clients along with their observed/expected TLS certificate fingerprints are shown.
The solution would be to either use the same TLS certificate on your server as on Cloudflare, or set the MeshCentral TLS offload certUrl, which may also require turning off TLS in MeshCentral.
See the User Guide for more info on TLS Offloading.
Disclaimer: I haven't tried to do this myself, because of the complexity involved and my preference for keeping the TLS session private between clients and MeshCentral.
from meshagent.
Related Issues (20)
- connected but blank terminal on Arm devices HOT 1
- Meshagent over http proxy in linux HOT 3
- Current security state of the agent HOT 3
- MSI package HOT 1
- Compiling of agent for linux fails HOT 1
- Notifybar does not close on Linux when disconnected HOT 4
- switch display/monitor on macos? HOT 3
- Support for mips_4kec instructionset (for example GS1900-8HP) HOT 5
- Old, EoL OpenSSL library (1.1.1s) used in latest MeshAgent
- Expire devicesharing link on window close HOT 2
- Linux desktop connection problem HOT 9
- No wakeup on meshagent clien MacOS Sonoma HOT 19
- unable to see agent on Meshcentral server running on ubuntu HOT 2
- meshagent.db not being removed on -fullinstall HOT 8
- Meshcntrl.js filter device by name that is number broken HOT 2
- How fast connect a raspberrypi to Meshcentral? HOT 15
- FEATURE REQUEST: Location Tracking (automatic) HOT 2
- FEATURE REQUEST: Agent Details Toolbar Icon HOT 1
- FEATURE REQUEST: Unzip Button (in files explorer) HOT 1
- No Terminal and Files Tab when I upload own version meshagent_x86-64 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from meshagent.