Where are the macOS Bluecherry client user settings and ssl certificates stored ?

[ronluna]

Can you share where the config setting (including ssl certificate) are stored in macOS for the bluecherry client? I swap server and the bluecherry client is unable to connect throwing an error that reads "Request failed: SSL handshake failed" . I've tried delete the client and reinstalling again but the settings remain persistent.

[ronluna]

Found it at:

/Users/username/Library/Preferences/com.bluecherrydvr.bluecherry.plist

After deleting it. it will get recreated and the bluecherry client will get completely reset , although seems like the SSL certificates remains saved somewhere....

any idea how to delete the ssl certificates stored by the bluecherry client ?

[curtishall]

Are you connecting to a Ubuntu 20.04 server perhaps? I've seen this on OSX recently connecting to a 20.04 server.

[ronluna]

That's correct!

[curtishall]

Okay. I've also seen this. I still need to spend more time on this, hopefully tomorrow, but I believe the issue is a update in apache2 where we aren't setting the server name.

[ronluna]

It's weird. I have a feeling it could be related to the certificates stored on the bluecherry client. I had another bluecherry client on macOS running on a seperate imac and the client was able to connect just fine to the server without any errors until I restarted that client.

Bluecherry client running on windows can connect to Ubuntu 20.04 server just fine.

[ronluna]

Okay. I've also seen this. I still need to spend more time on this, hopefully tomorrow, but I believe the issue is a update in apache2 where we aren't setting the server name.

Is there a way to enable verbose logging on the client side ?

[curtishall]

Running from the command line will give you some additional details.

[ronluna]

Running from the command line will give you some additional details.

Tried running from the terminal ... but no information is shown when the application is sending https request to the server. Any other ideas?

[curtishall]

I believe the issue is due to the OS X version of the Bluecherry client being built on old openssl libraries. We are working on a newer release, I hope to have this completed in the new few weeks.

[curtishall]

@ronluna

This is an option until the 2.2.9 OSX release is available. Add this to the SSL section in /etc/apache2/sites-enabled/bluecherry.conf

### WARN: Security wise this is "bad", it forces the Bluecherry vhost to use TLS 1.1, which is outdated.

SSLProtocol             all -SSLv2 -SSLv3
SSLCipherSuite          CDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:@SECLEVEL=1

[ronluna]

@curtishall worked like a charm... Waiting for official client update! Thanks!!!

[curtishall]

Great, sorry for the delay on this.

[ronluna]

No worries, a lot on your plate...

Can't wait for the mobile app. a while back We've added partial support to bluecherry on our app for live viewing only using VLC Kit (and before that (iosvideokit for iOS only.... adding playback and other client features was something we weren't able to finish...

[curtishall]

iOS playback has been a struggle for us also. We spun our wheels for a couple weeks to the point we almost implemented HLS (which is planned for 3.2...but we didn't want to delay the server any longer)...we finally came up with a solution.

Hopefully we have a TestFlight package for iOS soon.

[ronluna]

Upgrade Bluecherry Server to Version: 3.1.0-rc3 and to use nginx. Although now the old Bluecherry Client 2.2.6 won't connect to the server and the new one 2.2.9 won't launch .

Any ideas?

[curtishall]

Can you delete the connection and add it again?

On Mon, Aug 30, 2021 at 4:03 PM Ron Luna @.***> wrote:

Upgrade Bluecherry Server to Version: 3.1.0-rc3 and to use nginx. Although now the old Bluecherry Client 2.2.6 won't connect to the server and the new one 2.2.9 won't launch .

[image: image] https://user-images.githubusercontent.com/9822111/131405226-2bffbd01-1e18-461b-a795-50e9af919fba.png

Any ideas?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bluecherrydvr/bluecherry-apps/issues/416#issuecomment-908693493, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACQ5VV444WFUPBYN47CNHTT7PW2ZANCNFSM42WARGZQ .

-- Sent from Gmail Mobile

[ronluna]

Just tried. but same result: