Open vijayeswari opened 2 years ago
I have FACT 4.0 version installed. The documentation needs to be updated as this version is not using Mongo db. For a new person installing FACT 4.0 for the first time , may be confused as its PostgresSQL , but the documentation is all about mongo db.
https://github.com/fkie-cad/FACT_core/wiki/radare-integration#ssl-and-hostname-issues
I am following this for nginx (case 1) and exposing the service to network (case 2 ) , but the src/helperFunctions/web_interface.py::get_radare_endpoint is missing in the web_interface file. Would appreciate if the document is updated for FACT 4.0 code.
Hi vijayeswari, the nginx reverse proxy should actually be running on https / port 443. Can you check that?
We'll check on the documentation. This should obviously have been migrated in the meantime.
Thank you @dorpvom for your quick reply. I tried https over 443 , it didnt work either. `P2713770@ip-47-228-8-80:~$ curl -v https://localhost/rest/firmware
curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above. P2713770@ip-47-228-8-80:~$ `
I see te self-signed certs are generated and available under /etc/nginx/
` def _generate_and_install_certificate(): logging.info('Generating self-signed certificate') execute_commands_and_raise_on_return_code([ 'openssl genrsa -out fact.key 4096', f'echo "{DEFAULT_CERT}" | openssl req -new -key fact.key -out fact.csr', 'openssl x509 -req -days 730 -in fact.csr -signkey fact.key -out fact.crt', 'sudo mv fact.key fact.csr fact.crt /etc/nginx' ], error='generate SSL certificate')
`
P2713770@ip-47-228-8-80:/etc/nginx$ ls conf.d fact.crt fact.key fastcgi_params koi-win modules-available nginx.conf proxy_params sites-available snippets win-utf error fact.csr fastcgi.conf koi-utf mime.types modules-enabled nginx.conf.bak scgi_params sites-enabled uwsgi_params
Exactly. So we generate a self-signed certificate for your convenience. You can either
Though you probably only need the latter if you want to host your FACT on the internet. Our company has an own intermediate CA that is trusted by all company PCs that signs such certificates for internal purposes.
Alternatively you can also modify the nginx config to host the tool on 80.
Hi, I tried to use the -N option to enable the nginx . Installation is complete, but the curl is NOT responding on http://localhost. Is there anything else that needs to be done?
`P2713770@ip-47-228-8-80:~$ curl -v http://localhost/rest/firmware
It only works with localhost:5000 `P2713770@ip-47-228-8-80:~$ curl -v http://localhost:5000/rest/firmware/c4d3851ec77f3f7661046d8457add8097851cb7d4f5c53bdff2e0ebca80b56d9_29697479