kdudkov / goatak

go ATAK/CivTAK fast and simple server and client
https://github.com/kdudkov/goatak/wiki
GNU Affero General Public License v3.0
117 stars 32 forks source link

iTAK Compatibility #8

Closed kavinsky closed 8 months ago

kavinsky commented 11 months ago

We can't connect using iTAK, using TCP nor TCP SSL.

Is iTAK supported?

kdudkov commented 11 months ago

yes, iTAK support was fixed some time ago. Do you use your own or community server?

kavinsky commented 11 months ago

Im using my own server, WinTAK and ATAK connects straight away but iTAK shows disconnected, we have tried building the datapackage in different forms as described in https://mytecknet.com/lets-build-a-tak-server/#iphone-tak-itak blog posts and using QR code but no joy.

On the server output, there is no log entries trying to connect with iTAK.

mki0331 commented 10 months ago

Hi, nice project.

Same thing here, own server on a clean installed raspberry pi 4, test with iTAK v2.8.0(build 612)

SSL: Log output:

{"level":"info","ts":1701935094.0372405,"caller":"goatak_server/tcpserver.go:64","msg":"SSL connection from 10.xxx.xx.31:50548"} {"level":"error","ts":1701935094.1444004,"caller":"goatak_server/tcpserver.go:67","msg":"Handshake error: &errors.errorString{s:\"EOF\"}","stacktrace":"main.(App).listenTls\n\tgithub.com/kdudkov/goatak/cmd/goatak_server/tcpserver.go:67\nmain.(App).Run.func3\n\tgithub.com/kdudkov/goatak/cmd/goatak_server/main.go:145"}

TCP: no log output, error msg from client: Userauth failed

mki0331 commented 10 months ago

I think, there is a ssl prob: in file cert_api.go(line 59): names := map[string]string{"C": "RU", "O": "goatak", "OU": "goatak"}

and make_ca.sh differs from that.

kdudkov commented 10 months ago

I think, there is a ssl prob: in file cert_api.go(line 59): names := map[string]string{"C": "RU", "O": "goatak", "OU": "goatak"}

and make_ca.sh differs from that.

Let me clarify a little: to work with ssl in atak you need two different certs for now:

second cert must be verifiable by your device, so I prefere to use letsencrypt and nginx proxy to deal with certs (recipe is here

May be you can use one self-signed cert for both, but you need to put ca cert to your device truststore.

I can't test with iTAK, because has no apple devices nearby, so I don't know if it is a way to use iTAK with tcp connection

kavinsky commented 8 months ago

Was problem on my end, ITAK requires cert enrollment in order to work. thank you.