Jaburges

ok will do. I tried a complete rebuild of the docker from scratch and getting the same issue with defaults (except for the correct port and the portal IP address).

I left everything to default (with the exception of port 9000 as I had to use 9003) docker -p 9003:9000 (confirmed working in the docker log: INF [Secure WS(WSS) is enabled...] INF [Web Socket Event Server listening on port 9003] I am seeing events in the list on my iOS device, but getting the following error in the logs: Failed to connect to WebSocket: code: 1006, reason: undefined, exception: The operation couldn't be completed. Connection refused. This is using all local network IP (not involving the reverse proxy) and when using eventserver URL in my iOS ZMNinja app "wss://192.168.X.X:9003" as the event server URL. The local cert.crt is also installed on the iOS device in case that was required. ServerName i've tried both "localhost" and "192.168.X.X" I have checked the owner of the /push folder and tokens.txt is www-data I've also disabled secure websockets and dropped back to non secure: ws://192.168.X.X:9003 and I get the same error. ZM_PORTAL=http://192.168.X.X:8080/zm and connects fine auth ZM_USER and !ZM_PASS I've also tested the connection directly with a chrome websocket extension and get the same 1006 error. "The connection was terminated uncleanly with status code 1006 (ABNORMAL)" Struggling to figure out why the eventserver is refusing the connection? next stop is to tear down the docker and start again. Any thoughts? I could only find this: https://github.com/pliablepixels/zmeventnotification/issues/32

ok, will try the self signed certs. I was basing the info from this: also on closer inspection (and maybe i'm not understanding the certificate set up) but there are 4 certs that exist. in the default secrets.ini: ES_CERT_FILE = /etc/apache2/ssl/zoneminder.crt ES_KEY_FILE = /etc/apache2/ssl/zoneminder.key This is also referenced in zmeventnotification.ini by invoking the secrets.ini above !ES_CERT_FILE !ES_KEY_FILE However the self signed certs are located in /config/keys/cert.crt & cert.key but these don't seem to be referenced anywhere in the ini files?

Right now SSL is completely disabled for ZM as internally its only http traffic is accessing it (local IP address), but externally https traffic via the reverse proxy is accessing it. I've connected successfully from both internally (using direct IP address on http) and also externally https (443) then routed to http However, in your docs you make reference to the notifications needing a specific cert set up, but I cant figure out what is needed from my particular set up. I'm going out on a limb and if its a similar alerting system to the android app in HomeAssistant that needed a publicly signed cert for the alert to hit the mobile device. I see events on my iOS device, but i dont get any alerts (and my tokens.txt file is empty) so leads me to believe that the alerting service isnt registering my device. As I work through this i'll try and put a guide together as well for future users

Thanks for the reply. Think i need to do a bit more reading on the certificate front. My wildcard cert consists of a .crt (which if i understand correctly is the public signed version of my private key (from my synology box). So not sure what I would use for the .key file (unless i use the same key file as the private key from the synology box, but not sure how that works when its being used on a different box - I was under the impression the wildcard cert validates all traffic through the synology box to the reverse proxy end points. I may need to generate letsencrypt certs to use for the notifications). I've enabled the hook processing, and script - but will take another look at what i'm missing. Thanks again!

Hi there, First of all, the all inclusive docker is EPIC! thanks for your hard work building (actually moving back from Shinobi to Zoneminder for the object detection stuff!) [if anyone cares I was using Deepstack docker with HA + Shinobi] Could someone who understands certificates a little more offer some guidance? I'm using a reverse proxy to access all my dockerized services, and accessing ZM perfectly from outside using `https://subdomain.domain.com/zm` The Cert for that I purchased a wildcard cert (so SAN wouldn't be an issue). I have the reverse proxy set up to forward https://sub.domain.com/zm (443) to http://<ZM_IP>:8080/zm (as above works fine). would be nice to have apache auto forward to the /zm URL (but thats for another day) 2 things i'm unsure of to get alerts if someone can point me in the right direction: 1. There are 2 sets of certs listed: a) in secrets.ini (ES_CERT_FILE) - assuming this is the cert purely for the EventService. This seems a little more complicated to set up (events are hitting ZMNinja on my iphone, but no notifications/alerts. I can't figure out what needs to be set up for "wss://<ZM_IP>:9003" when using an external FQDN address. I have simply created another `https://ESSubdomain.domain.com` reverse proxy, secured with the same wildcard cert? Is a positive result getting events to show in ZMninja on my iOS device? As i'm not getting notifications. I have set the following (as I dont need SSL internally as my reverse proxy secures the traffic to the site) [ssl] enable = no b) Then there are 2 self signed certs in the 'keys' folder (assuming these aren't needed if using http (port 8080:80) - and this is used as a cert for the apache webserver? Assuming that will solve alerts, i'm also not seeing proper hook usage. I'm seeing the zmeventservice invoke the hook script with the event number, the monitor ID & name. Then seeing hook script returned with exit:1 - but nothing downstream of that.