ZM works, zmninja doesn't. Connects, but can't load API

[MidnightAngel]

Hi all,

I've just set up ZoneMinder v1.37.47 on Debian Bookworm with Apache2. I connect to ZoneMinder using a self-signed cert as the server is internal and not exposed to the Internet. The server is set up to redirect all HTTP requests on port 80 to HTTPS on 443. ZoneMinder's web UI all works perfectly. I can view the API outputs on a web browser just fine. I used curl to verify everything works:

Code: Select all

kit@Voyager ~ % curl -k -XPOST -d "user=admin&pass=xxxxxx" https://192.168.1.17/zm/api/host/getVersion.json
{"version":"1.37.47","apiversion":"2.0"}%
kit@Voyager ~ % curl -k -XPOST -d "user=admin&pass=xxxxxx" https://192.168.1.17/zm/api/host/login.json     
{"access_token":"xxxxxxxxxxxx","access_token_expires":7200,"refresh_token":"xxxxxxxxxx","refresh_token_expires":86400,"credentials":"auth=xxxxxxxxxxxx","append_password":0,"version":"1.37.47","apiversion":"2.0"}%
kit@Voyager ~ % curl -k -XPOST -d "user=admin&pass=xxxxxxx" https://192.168.1.17/zm/api/monitors.json 
{"message":{"Name":["Monitor Name must be specified for creation","Monitor Name must be specified for creation"]}}%                                     
kit@Voyager ~ % 

I purchased the iOS version of zmninja for my iPad Pro running iOS 17.2. The zmninja version is 1.6.009 (ios). Unfortunately, it doesn't work correctly. It shows "ZoneMinder authentication successfully" and cannot download the monitors. It shows, "If this screen doesn't go away after a while, it is possible your APIs are not configured properly". However, as the above output shows, it should be working fine.

I've spent hours on Google, and reading the zmninja docs from cover to cover and I can't find what the issue is. I'm sure it's something simple I'm overlooking.

I've tried:

• Clearing the API cache

• Using "Basic" Authentication

• Accessing the Zoneminder API on the tablet via the web browser which works

• Enabled and disabled "strict SSL check" in developer options

• Enabled HTTP on apache2 and disabled it

• Double checked "AUTH_RELAY" is set

• "AUTH_HASH_SECRET" is populated

• "AUTH_HASH_IPS" is disabled

• "OPT_USE_APIS" is enabled

• "OPT_USE_GOOG_RECAPTCHA" is disabled

• "OPT_USE_AUTH" is enabled

No logs in ZoneMinder are generated.
I can't extract the logs in zmninja, but I could take screenshots, shown below.

Any ideas what I can do, please?

[CharlotteFilemdar]

Beyond getVersion and login: Test additional API endpoints, like monitors.json or events.json, using curl or Postman to ensure comprehensive functionality.
Review API Configuration: Double-check API settings in ZoneMinder's zm.conf file, specifically ZM_API_HOST, ZM_API_PORT, and authentication-related options.
Verify Port Accessibility: Ensure port 443 is accessible from your iPad to the ZoneMinder server. Use a network scanning tool or firewall logs to confirm.
Test Internally: If possible, temporarily disable the firewall on the ZoneMinder server to rule out firewall-related restrictions.

zmNinja Logs: Contact zmNinja support for assistance in extracting app logs, which can provide valuable insights.
ZoneMinder Debugging: Enable debugging in ZoneMinder's zm.conf file for more detailed logging.
Apache Logs: Inspect Apache logs for errors or anomalies related to API requests from zmNinja.

Additional Considerations:

Client-Side Restrictions: Review any iOS-specific network restrictions or VPN configurations that might interfere with zmNinja's access.
Alternative Apps: Consider testing other ZoneMinder mobile apps to isolate whether the issue is specific to zmNinja or a broader compatibility problem.
Remember: Provide as much detail as possible koows when seeking further assistance from zmNinja support or ZoneMinder forums. This includes specific error messages, configuration details, and troubleshooting steps you've already taken.

[iconnor]

Perhaps start with the desktop version, as you can open up developer tools and get more insight into what is failing.

Since you are using self-signed certs, you WILL need to turn off strict ssl checking.