Rocket Chat+ cannot connect [iOS]


#1

I am using the Rocket Chat app on iOS, and trying to install the Rocket Chat+ app now but it will not accept my server as a valid URL, it shows an alert with the message:
"Oops! The URL you entered is invalid. Check it and try again, please!"

The server is self hosted, running behind Apache proxy. The Mac app works fine, as does the old Cordova app. I tried to validate the websocket connection using Curl, it seems to work (see below).

What am I doing wrong? :weary:

curl -i -N -H "Connection: Upgrade" -H "Upgrade: websocket" -H "Host: chat.corp.com.br" -H "Origin: chat.corp.com.br" -H "Sec-WebSocket-Key: fVXESE8fjBMx8HheW0YlZQ==" -H "Sec-WebSocket-Version: 13" https://chat.corp.com.br/websocket --verbose
*   Trying 10.0.1.2...
* TCP_NODELAY set
* Connected to chat.corp.com.br (10.0.1.2) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /opt/local/share/curl/curl-ca-bundle.crt
  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.0 (IN), TLS handshake, Server hello (2):
* TLSv1.0 (IN), TLS handshake, Certificate (11):
* TLSv1.0 (IN), TLS handshake, Server key exchange (12):
* TLSv1.0 (IN), TLS handshake, Server finished (14):
* TLSv1.0 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.0 (OUT), TLS change cipher, Client hello (1):
* TLSv1.0 (OUT), TLS handshake, Finished (20):
* TLSv1.0 (IN), TLS change cipher, Client hello (1):
* TLSv1.0 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.0 / DHE-RSA-AES256-SHA
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=*.corp.com.br
*  start date: Mar 20 15:40:42 2018 GMT
*  expire date: Jun 18 15:40:42 2018 GMT
*  subjectAltName: host "chat.corp.com.br" matched cert's "*.corp.com.br"
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.
> GET /websocket HTTP/1.1
> Host: chat.corp.com.br
> User-Agent: curl/7.54.0
> Accept: */*
> Connection: Upgrade
> Upgrade: websocket
> Origin: chat.corp.com.br
> Sec-WebSocket-Key: fVXESE8fjBMx8HheW0YlZQ==
> Sec-WebSocket-Version: 13
>
< HTTP/1.1 101 Switching Protocols
HTTP/1.1 101 Switching Protocols
< Upgrade: websocket
Upgrade: websocket
< Connection: Upgrade
Connection: Upgrade
< Sec-WebSocket-Accept: dyU1fPKS9c9nPGo2mPsrQv40G9E=
Sec-WebSocket-Accept: dyU1fPKS9c9nPGo2mPsrQv40G9E=

<
�{"server_id":"0"}

#2

Best I can tell websocket is working fine. Can you also access /api/info ? What version of Rocket.Chat?


#3

Yes, the output is:
{"version":"0.64.1","success":true}

I am wondering if TLS 1.2 is required. The apache proxy only has TLS 1.0 enabled. Could this cause App Transport Security to not work?


#4

Hello @paul,

Yes, you figured that out. We require TLS 1.2 to access the application. Can you update it?

Thanks!


#5

Good to know. Unfortunately I can’t update the server, it might be easier to build an adhoc version of the app internally to deploy for now.

Thanks!