yotamN
commented
2 years ago Do you still have this problem? If you do, are you sure the Portal port is open (you can test with netcat)?
Open wwhurley opened 2 years ago
yotamN
commented
2 years ago Do you still have this problem? If you do, are you sure the Portal port is open (you can test with netcat)?
wwhurley
commented
2 years ago Unfortunately, yes, still unable to have it connect. After launching the portal netstat reports:
tcp 0 0 127.0.0.1:27042 0.0.0.0:* LISTEN 13548/frida-portalWhen checking using netcat:
$ nc -vz 127.0.0.1 27042
Connection to 127.0.0.1 27042 port [tcp/*] succeeded!
oleavr
commented
2 years ago @wwhurley Did you ensure that frida-cert.pem contains both the certificate and the private key? The client side should only have the certificate, but the chain needs to be complete. (We don't currently make use of the system's certificate store.)
wwhurley
commented
2 years ago I went through and reviewed the documentation a bit more and I have a slightly better idea of why what I was doing wasn't working, though I still can't get it to work. You're correct in that I didn't have my files set up correctly. However, after performing the following steps, I still haven't been able to get it right:
1) Create CA key and root certificate 2) Create a key and CSR 3) Sign CSR using CA
What it appears is that frida-portal should take a PEM encoded file that contains the key and certificate from step 3 and frida-join should take a PEM encoded file that just contains the certificate from the CA. Does that sound in the right neighborhood?
This could just be user error, but having difficulty using the CLI tools to test the Portal functionality. When starting the portal locally I'm running:
And then attempting to connect using
frida-join, running:I get the message
Joining portal...which goes for a bit, then ends withUnable to join: timeout was reached.I've attempted with different combinations of token and certificate and haven't had any success.