search

joaodealmeida / woocommerce-gateway-lightning

Plugin to accept Bitcoin Lightning payments at WooCommerce stores, using LND.
MIT License
38 stars 10 forks source link

SSL hostname doesn't match error #4

Closed grunch closed 2 years ago

grunch commented 6 years ago

When I try to connect with my LND node I am getting this error

SSL: certificate subject name 'localhost' does not match target host name 'x.x.x.x'

I haven't realize that is true, my tls.cert was created for 'localhost' and the whole time I connected from localhost, now and I'm trying to connect from another server, I find out that CURLOPT_SSL_VERIFYHOST set to 0 (false) let me do the request ignoring the hostname in the certificate, I added this option in this PR https://github.com/joaodealmeida/woocommerce-gateway-lightning/pull/3 with the same comment that this should be for development only.

By the way this lnd certificate is an standard certificate? how can I create another one that accept LND and has my node IP?

joaodealmeida commented 6 years ago

Hey , you have 2 options, if you want to use the endpoint as an IP

--restlisten=0.0.0.0:10009

if you want to generate a SSL to a specific domain you should do something like this:

--restlisten=0.0.0.0:10009 --tlsextradomain=mydomain.com

grunch commented 6 years ago

Yes but it is --restlisten=0.0.0.0:8080 at least is what I did, the option tlsextradomain is exactly what I was looking for, I have to try it

joaodealmeida commented 6 years ago

Yes you are correct, it's restlisten instead of 'rpc'.

tretaki commented 6 years ago

Hi Joao, First thanks for building this plugin, it's great :) I have a similar problem with connecting to my node. I have my lnd node on raspberry pi on a local network and my page on a laptop on localhost on the same network. I use the automatically generated tls.cert from the lnd node and in this setting it works the laptop can talk to the node, so the plugin works. Now I've tried to put a website on an external server and connect to my node. What I did was set restlisten=0.0.0.0:8080 in lnd.conf and made a new tls.cert with the same tls.key but added the external ip by tlsextraip. From the external server I cannot connect to my node. When I test rest api through python requests module I get:

SSLError: hostname 'X.X.X.X' doesn't match either of 'raspberrypi', 'localhost'

I know that this is probably a bit off topic but I am a bit stuck :)

joaodealmeida commented 6 years ago

What endpoint are you putting on the input? If you are using a domain make sure you use --tlsextradomain=mydomain.com

tretaki commented 6 years ago

endpoint: https://node_public_ip:8080 I guess the problem is the domain, what should I input for the domain?