VH 1314 - Allow V2X-Hub Web UI browser access without self signed certificate warning acceptance

[DokurOmkar]

PR Details

Description

In this PR, initialization script is updated to ignore the certificates for localhost on google chrome and chromium browsers to remove the manual step of navigating to websocket URL and accepting self signed certificate. This will allow to access V2X-Hub Web UI without accepting the risk in an other tab.

Related Issue

VH-1314

Motivation and Context

How Has This Been Tested?

This has been tested locally by running the initialization script and making sure that the web page opens with the login screen.

Types of changes

• Defect fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Breaking change (fix or feature that cause existing functionality to change)

Checklist:

• I have added any new packages to the sonar-scanner.properties file
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
  V2XHUB Contributing Guide
• I have added tests to cover my changes.
• All new and existing tests passed.

[paulbourelly999]

Please make sure the PR describes the manual step we are removing in the description. "updated to ignore the certificates for localhost on google chrome and chromium browsers to remove the manual step" (navigating to websocket URL and accepting self signed certificate.

[paulbourelly999]

We only need one browser and we also no longer need the "https://127.0.0.1:19760" tab right.

[DokurOmkar]

That's true. I have removed these lines from the script now:

chromium-browser "http://127.0.0.1" > /dev/null 2>&1 &
chromium-browser "https://127.0.0.1:19760" > /dev/null 2>&1 &

[paulbourelly999]

Left some comments.

[DokurOmkar]

Left some comments.

Addressed all the comments

[paulbourelly999]

This is the wrong command since we use chromium below. We can offer this as an option of the user has google chrome instead of chromium. A note explaining why we do this may be useful. Something link

Note

V2X-Hub Server uses a secure WebSocket connection to communicate with the browser. V2X-Hub Server uses a self-signed certificate instead of one signed by a trust certificate authority (CA) for this secure connection, which most browsers will not trust until explicitly told to do so by navigating the the WebSocket URL (https://<v2xhub_ip>:19760) and accepting the risk . The --ignore-certificate-errors option instructs the browser to ignore certificate errors and warnings which removes manually effort of accepting this risk on V2X-Hub deployments. Using the browser with this option enabled to access the internet or any other application is not advised as it is a security risk

[paulbourelly999]

Requested more changes

[DokurOmkar]

Requested more changes

Addressed all the comments.

[paulbourelly999]

To access V2X-Hub Admin Web UI from a different machine on the same network please use either chromium or google-chrome browser and run the following command

chromium --ignore-certificate-errors <v2xhub_ip>

or

google-chrome --ignore-certificate-errors <v2xhub_ip>

[DokurOmkar]

Updated the README file.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud