mirror of
https://github.com/actualbudget/actual.git
synced 2026-05-08 12:59:01 -05:00
Closed
opened 2026-04-14 18:37:39 -05:00 by GiteaMirror
·
18 comments
No Branch/Tag Specified
master
matiss/fix-publish-npm-cache-input
claude/plan-ci-secure-context-OtEe1
matiss/crdt-source-loading
worktree-misty-wishing-rain
release/v26.5.1
dependabot/npm_and_yarn/uuid-14.0.0
claude/hide-default-categories-1cwBZ
matiss/crdt-protobuf
release/26.5.0
claude/update-issue-template-ykMNn
claude/fix-issue-7667-DPXi3
cursor/formula-feedback-improvements-4223
cursor/resolve-pr-7449-ee11
claude/fix-typescript-build-error-JPtZ5
jfdoming/api-tokens-part-3
jfdoming/api-tokens-part-2
jfdoming/api-tokens-part-1
claude/speed-up-vrt-workflow-ZAyI5
claude/crdt-version-auto-publish-Ph1BH
copilot/add-repository-configs-to-packages
worktree-compressed-drifting-ritchie
worktree-mellow-strolling-dawn
matiss/browser-api
claude/api-consumer-verification-kfz1K
feature/enable-banking
cursor/transaction-table-rewrite-f077
pr-7454
claude/fix-issue-7410-LLLQ4
revert-7350-trim-deps
revert-7220-sankey-report
revert-7242-fix/split-parent-update-corruption
revert-7281-generate-icons
claude/electron-to-tauri-migration-LjBN8
worktree-remotion
claude/browser-compatible-api-QbhHh
claude/improve-cli-transactions-waTUY
claude/publish-react-native-ios-j8qoT
js-proxy
claude/fix-flaky-ci-job-5gDdz
react-query-rules
react-query-useSchedules
claude/nightly-theme-validation-scan-DzOGD
claude/debug-simplefin-error-ZuKzB
matiss/desktop-client-subpath-imports
claude/fix-simplefin-ssrf-T31gX
add-claude-github-actions-1772738270730
cursor/sync-performance-notification-9899
react-query-prefs
matiss/chunked-sync-and-progress-ux
v26.2.1
copilot/sub-pr-6880
fix-react-query-clear-on-close-budget
copilot/sub-pr-6140
feat/auto-note
feat/scoped-bank-sync
cursor/desktop-transactions-react-table-1d0c
fix-exhaustive-deps-App
copilot/fix-find-replace-bug
matiss/browser-tests
mobile-fix-drag-and-drop-across-groups
budget-table-v2
PayeeAutocomplete2
pglite
bugfix/plugins/fix-plugins-sw
feat/plugins/plugins-core-package
matiss/unicode-minus-fix
cursor/fix-actual-github-issue-6206-gemini-3-pro-preview-9c37
TransactionFormPage
cursor/implement-mortgage-and-loan-account-type-78ca
tests-update-fill-with-pressSequentially
mobile/link-modal
deps/25.11
cursor/fix-update-vrt-apply-ci-job-dispatch-b324
sync-server-plugins
cursor/propose-patch-for-github-issue-5680-2a18
fix/compiler-preserve-inner-dollar-escapes
cursor/analyze-actual-budget-issue-and-propose-fix-5b70
coderabbitai/docstrings/0c070e5
cursor/add-wip-prefix-and-comment-to-prs-d78d
jfdoming/08-21-auto-focus-on-navigate-in-all-browsers
show-totals-on-mobile-budget-banners
allow-child-transactions-make-transfer
mobile-calculator-keyboard
payee-geolocation
enhance/restore_scroll_position
dm-fix-second-click-on-mobile-new-transaction-2
scrollToLocationBudget
alert-autofix-38
tsconfig-composite
mobile-fix-uncategorized-transactions-on-tracking-budgets
server-budget-handlers
fix-sql-injection-in-cleanup-template
non-chrome-draggable-workaround
mobile-budget-page-swipe-navigation
ts-db-all
stable
dark-theme-with-brand-colors
fix-mobile-delete-group
ts-db-select
UnderKoen/reconcile-context-menu
master-before-server-merge
v25.2.1
ts-runQuery
rename-redux-hooks
UnderKoen/3557-persist-state-in-history
remove-redux-CLOSE_BUDGET
fix-exhaustive-deps-errors-FinancesApp
redux-toolkit-createSlice-backup
accounts-function-component
ts-useSplitsExpanded
loot-core-server-package
useTransactios-in-TransactionEdit
react-aria-input
move-redux-to-desktop-client
QueryState-type
fix-themes-applied-late
mobile-vrts
revert-3295-spendingCardFix
react-aria-button-4
split-payee-on-mobile
twk3/pin-apis-crdt
notes-tag-autocomplete
ts-LoadBackup
dnd-kit
package-upgrades
v26.5.1
v26.5.0
v26.4.0
v26.3.0
v26.2.1
v26.2.0
v26.1.0
v25.12.0
v25.11.0
v25.10.0
v25.9.0
v25.8.0
v25.7.1
v25.7.0
v25.6.1
v25.6.0
v25.5.0
v25.4.0
v25.3.1
v25.3.0
v25.2.1
v25.2.0
v25.1.0
v24.12.0
v24.11.0
v24.10.1
v24.10.0
v24.9.0
v24.8.0
v24.7.0
v24.6.0
v24.5.0
v24.4.0
v24.3.0
v24.2.0
v24.1.0
v23.12.0
v23.11.0
v23.10.0
v23.9.0
v23.8.1
v23.8.0
v23.7.2
v23.7.1
v23.7.0
v23.6.0
v23.5.0
v23.4.2
v23.4.1
v23.4.0
v23.3.2
v23.3.0
v23.2.9
v23.2.5
v23.1.12
v22.12.9
Labels
Clear labels
AI generated
API
bank sync
budgeting
bug
can’t replicate
dependencies
docker
documentation
electron
experimental feature
feature
feedback
goal templates
good first issue
help wanted
importers
maintenance
needs info
needs testing
needs triage
needs votes
openid
payees
pull-request
regression
reports
responsive
rules
schedules
server
✨ merged
split transactions
tech debt
theme
transaction import
transaction reconciliation
transactions
translations
upstream
user interface
✅ approved
wontfix
Mirrored from GitHub Pull Request
Milestone
No items
No Milestone
Projects
Clear projects
No project
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: github-starred/actual#15589
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @atrueresistance on GitHub (Aug 22, 2024).
Original GitHub issue: https://github.com/actualbudget/actual/issues/3304
Verified issue does not already exist?
What happened?
I'm having an issue with the web server connecting to the desktop application.
The server is up and running using HTTPS and a self signed cert.
Having a self signed cert, you would normally be prompted in Chrome stating that the certificate is not valid. It's probably not the best way to go about it, but if you add it to the Trusted Root Certification Authorities for the current user Chrome inherently trusts it solving the warning. At least on the local machine for the current logged on user. I don't intend on opening the server to the outside, just LAN connection is good enough for me.
The desktop application is being ran on the same machine and user that the certificate was added to the Trusted Root Certification Authorities store.
Where are you hosting Actual?
Docker
What browsers are you seeing the problem on?
Desktop App (Electron)
Operating System
Windows 11
@MikesGlitch commented on GitHub (Aug 22, 2024):
Confirmed - I'm seeing this also. This may be tricky - we do n't want to turn off TLS validation for security reasons. Having said that, disabling it does work:
Anyone got any thoughts on the best approach here?
@psybers commented on GitHub (Aug 22, 2024):
https://stackoverflow.com/questions/38986692/how-do-i-trust-a-self-signed-certificate-from-an-electron-app
@atrueresistance commented on GitHub (Aug 22, 2024):
I'll start of with I know nothing of electron apps. I do agree that TLS validation off is not the default way to ship.
I'm not sure how much work it would be, but would it be possible to have a configuration item in the desktop app that whitelists a specific certificate serial number?
https://www.electronjs.org/docs/latest/api/session#sessetcertificateverifyprocproc
If the certificate is installed in the current user's certificate store can the desktop app use is directly from the store?
@MikesGlitch commented on GitHub (Aug 22, 2024):
We have a bit of an odd setup, we run our loot-core server process (that calls the API and gets the error) in a forked process.
I think that means the session's setCertificateVerifyProc won't pick it up.
Maybe we can configure node-fetch for Electron to figure out the root store 🤔
@MikesGlitch commented on GitHub (Aug 24, 2024):
I have a draft pr up - as expected the electron setCertificateVerifyProc wont work. The only way to make it work is for the user to specify the cert that they want to trust.
@atrueresistance How did you generate your cert? I used makecert to test but want to make sure it also works on your config.
@atrueresistance commented on GitHub (Aug 24, 2024):
@MikesGlitch I used the same command as in the documentation except with a subject alternative name to match the hostname.
openssl req -x509 -nodes -days 365 -addext "subjectAltName = DNS:orangepi3-lts" -newkey rsa:2048 -keyout selfhost.key -out selfhost.crt@MikesGlitch commented on GitHub (Aug 24, 2024):
Thanks, I have a build here: https://github.com/actualbudget/actual/actions/runs/10541997136/job/29208287390?pr=3308
Can you confirm if it fixes this issue? If you try it, don't forget to backup your budget first.
@atrueresistance commented on GitHub (Aug 26, 2024):
This app package’s publisher certificate could not be verified. Contact your system administrator or the app developer to obtain a new app package with verified certificates. The root certificate and all immediate certificates of the signature in the app package must be verified (0x800B010A)@MikesGlitch commented on GitHub (Aug 26, 2024):
That's what we'd expect for the appx installer - it's for the windows store.
Try the "actual-electron-windows-latest" artifact, that should install as per usual.
@atrueresistance commented on GitHub (Aug 26, 2024):
Is there a link? Sorry I'm not sure where I should be looking.
@MikesGlitch commented on GitHub (Aug 26, 2024):
Ah, this is the direct link to the download: https://github.com/actualbudget/actual/actions/runs/10541997136/artifacts/1850858005
Here's the PR, if interested: https://github.com/actualbudget/actual/pull/3308
@atrueresistance commented on GitHub (Aug 27, 2024):
@MikesGlitch I was able to download the latest and get it running with the self signed cert.
Thank you so much!
@crzdg commented on GitHub (Aug 27, 2024):
Nice. I will soon test this as well. Im using Caddy as proxy, so a short-lived certificate. Can I trust the Intermediate / Root, so the short-lived signed certs work?
@MikesGlitch commented on GitHub (Aug 28, 2024):
I'm not too familiar with Caddy so couldn't say. You can trust a certificate that is locally on the PC that is .crt or .pem format.
@MikesGlitch commented on GitHub (Aug 28, 2024):
Closed by https://github.com/actualbudget/actual/pull/3308
@wgregbrown commented on GitHub (Mar 16, 2025):
Is there anywhere to still get the desktop client that will work with self signed certs. @MikesGlitch put a link
https://github.com/actualbudget/actual/actions/runs/10541997136/job/29208287390?pr=3308
But its empty now.
@MikesGlitch commented on GitHub (Mar 17, 2025):
The latest release has it. You can get it from the GitHub releases page
On Sun, 16 Mar 2025, 23:19 wgregbrown, @.***> wrote:
@neobladerunner commented on GitHub (Apr 4, 2026):
I'm experiencing this issue with latest version 26.3.0 via Flathub. I've generated a self-signed cert via mkcert and can load the app fine via the browser from any device on my network. The desktop app states:
I followed the instructions here to import the root certificate to the desktop app from the device Actual is running on, but the UI doesn't seem to do anything when I import it. Clicking on OK doesn't clear the red error message, and I can't tell if it's rejecting the cert file or not seeing it at all. I suppose I should just use the web client but wanted to try the desktop app if I could.