Server configuration:
listen.pass=
server.ssl.cert=
server.ssl.key=
server.ssl.key.pass=
Where do I find the missing values?
Pete.
Hi Pete, is your answer coded in your reply?
Have you read the sections on automatic and manual Lets Encrypt certificate generation?
Did they not answer your question?
Is there something in there that you didnāt understand?
Pete.
Would I ask the question if I understood the sections content?
So would your original question be better phrased asā¦
Iāve tried to manually generate a Letās Encrypt certificate for my local sever, as described on the Blynk server GitHub Page, but donāt undesnad what to put in this section of the server.properties fileā¦
Then add to your server.properties file (in folder with server.jar)
server.ssl.cert=/etc/letsencrypt/live/YOUR_HOST/fullchain.pem
server.ssl.key=/etc/letsencrypt/live/YOUR_HOST/privkey.pem
server.ssl.key.pass=
??
Pete.
Thank you Pete. I will try that.
I initially omitted the lengthy issue not to annoy the experts, but here is;
Issue: I could not access from my iPad the locale Blynk server I created. Since I was told that the connection was unsecured, I created a localhost certificate. But this did not work either, so since I could at least open the server in my laptop, then I thought that entering these values directly into the server configuration (in the server) would correct the problem.
Well, I tried with not avail. No matter what I do, the server-0.41.14-java8.jar pushes its own certificate, which requires to be at the CA store. So, Iām afraid that Blynk local server wonāt work for me, unfortunately.
On your iPad, are you using Safari?
When I access my local server (no certificates installed) I get a message about the sure bot being safe and cant be displayed, However, when I click Advanced I have the option to proceed anyway, which works for me and takes me to the login screen.
Pete.
Hi Pete, so, here is the situation;
- The Blynk application is in my iPad pro, but I cannot even create the account because the app cannot connect with the server. I think this is happenings because the certificate issue.
- When I talk about accessing the server, Iām talking about attempting to access it from the browser (Chrome) in my laptop, where is the server that I created using Windows PowerShell admin. And yes, I was able to get in when I would select āAdvancedā, but not anymore. I enter my credentials in the Log in box, but no success in getting in. My credentials just vanish to return to point zero.
I hope this is more clear.
This is the log file:
09:15:00.515 INFO - Using data dir ā\projects\java\blynk\blynkdataā
09:15:00.815 INFO - Region : local. Host : 192.168.2.14.
09:15:01.255 INFO - Initializing gmail smtp mail transport. Username : example@gmail.com. SMTP host : smtp.gmail.com:587
09:15:01.270 INFO - Reports : 0
09:15:01.270 INFO - Didnāt find custom user certificates.
09:15:01.270 INFO - Didnāt find Letās Encrypt certificates.
09:15:01.270 WARN - You didnāt specified āserver.hostā or ācontact.emailā properties in server.properties file. Automatic certificate generation is turned off. Please specify above properties for automatic certificates retrieval.
09:15:01.270 WARN - ATTENTION. Server certificate paths (cert : āC:\projects\java\blynkā, key : āC:\projects\java\blynkā) not valid. Using embedded server certs and one way ssl. This is not secure. Please replace it with your own certs.
09:15:01.963 INFO - HTTP API and WebSockets server listening at 8080 port.
09:15:01.964 INFO - HTTPS API, WebSockets and Admin page server listening at 9443 port.
09:15:01.964 INFO - Mqtt hardware server listening at 8440 port.
Okay, as far as getting the app to access your local server is concerned, this wonāt be a certificate issue. As I said before, I donāt have any certificates installed on my local server and I can connect the app running on my iPad to it, and access the admin console, without any issues.
The first thing is to ensure that your local server is actually running, and try accessing the admin console from your laptopās browser.
As far as the app is concerned, your iPad should be connected to the same WiFi network as the laptop, and you should enter the laptopās IP address and port number 9443 in the custom server settings then create an account.
You should be able to see this account when you view the users in the admin console on your laptop.
TBH, I think itās far easier to have a dedicated device such a a Raspberry Pi that can be on 24/7 rather than relying on using your laptop as your local server host.
Pete.
The server is running:
Blynk Server 0.41.15-SNAPSHOT successfully started.
All server output is stored in folder āC:\projects\java\blynk.\logsā file.
And I do enter my IP address along with the 9443 port.
I agree that having the server created in the microcontroller board itself is best. However I wanted to see if works in my laptop first (test environment).
We should first fix the issue that the server jar file creates its own wrong certificate. Then add a line in it to use a certificate created locally. I would do it but Iām not very comfortable writing code, Iām more of a hardware guy. However, I will attempt to do it if I have time 
āSOLVEDā
- Created a self certificate using Windows PowerShell.
- On MMC: Transferred the certificate from Personal folder to the Trusted folder.
- On MMC: I exported the certificate to the Desktop as a .pfx file.
- With OpenSSL: Extracted from the .pfx file the cert.pem and key.pem files and put them into the data folder of my Blynk directory.
- With IIS Manager: Over the Default Web Site tab. Selected the Binding function and I added a site binding. Selected the https tab, selected the right certificate and port 9443.
- Added the .pem files in the right location in the server.properties file.
- And my local server is secured.
A long journey 
1 Like