× NETGEAR will be terminating ReadyCLOUD service by July 1st, 2023. For more details click here.
Orbi WiFi 7 RBE973
Reply

Re: How to run Koken on https?

dsnpevl
Virtuoso

How to run Koken on https?

What is a good way to make the Koken content management system run on https, without browsers complaining about the self-signed certificate?

 

I experimented with creating a self-signed certificate and adding a virtual host to /apps/koken/http.conf (based on tutorials, like https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-debia... ). This will make koken run on https. However, browsers will complain about the certificate not being trusted.

 

Guess I need a certificate / key issued by a Certificate Authority?

What is a good CA?

Does anyone have experience with using a free CA?

What steps would I have to take to get the key/certificate?

 

Message 1 of 9

Accepted Solutions
dsnpevl
Virtuoso

Re: How to run Koken on https?


@StephenB wrote:
I suggest looking into letsencrypt ( https://letsencrypt.org/ )


Created a how-to for setup of Koken CMS with HTTPS on ReadyNAS OS 6.5.0 and Letsencrypt certificates on https://fotografeer.nl/index.php?/essays/2016/06/koken-cms-on-https/

 

View solution in original post

Message 9 of 9

All Replies
StephenB
Guru

Re: How to run Koken on https?

I suggest looking into letsencrypt ( https://letsencrypt.org/ )

Message 2 of 9
dsnpevl
Virtuoso

Re: How to run Koken on https?

Note that Koken is not running on the standard http and https ports 80 and 443.

After installing git, installed the letsencrypt certbot, but can't get it to run as expected. I'm trying this:

 

./certbot-auto certonly --test-cert --standalone --email someone@noreply.nl -w /apps/koken/web -d fotografeer.nl

But I get an error message:

 

The program apache2 (process ID 27035) is already listening on TCP
port 80. This will prevent us from binding to that port. Please stop
the apache2 program temporarily and then try again

If I stop apache and try again with:

 

 service apache2 stop

[ ok ] Stopping apache2 (via systemctl): apache2.service.

 

./certbot-auto certonly --test-cert --standalone --email someone@noreply.nl -w /apps/koken/web -d fotografeer.nl

I get the following error message:

 

Checking for new version...
Requesting root privileges to run certbot...
   /root/.local/share/letsencrypt/bin/letsencrypt certonly --test-cert --standalone --email someone@noreply.nl -w /apps/koken/web -d fotografeer.nl
Failed authorization procedure.
fotografeer.nl (tls-sni-01): urn:acme:error:connection ::
The server could not connect to the client to verify the domain ::
Failed to connect to host for DVSNI challenge

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: fotografeer.nl
   Type:   connection
   Detail: Failed to connect to host for DVSNI challenge

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

Not very sure how to proceed from there.

 

Message 3 of 9
StephenB
Guru

Re: How to run Koken on https?

I think you need a ddns name set up that points to the NAS web server.

Message 4 of 9
dsnpevl
Virtuoso

Re: How to run Koken on https?

Never used DDNS before. The domain name is already set up by my provider and has been accessible for several years. Port forwarding assures that HTTP port 80 ends up at the port used by Koken.

Message 5 of 9
StephenB
Guru

Re: How to run Koken on https?

Perhaps post this on https://community.letsencrypt.org

Message 6 of 9
dsnpevl
Virtuoso

Re: How to run Koken on https?

Spent two days, but didn't get the "let's encrypt" certificate to work properly. Guess I'm stuck at http for now.

Message 7 of 9
dsnpevl
Virtuoso

Re: How to run Koken on https?

Had another go and managed to create the certficates with letsencrypt.

Toke a while to get the Apache configuration for koken correct, but finally managed to get it working on https://fotografeer.nl.

 

Message 8 of 9
dsnpevl
Virtuoso

Re: How to run Koken on https?


@StephenB wrote:
I suggest looking into letsencrypt ( https://letsencrypt.org/ )


Created a how-to for setup of Koken CMS with HTTPS on ReadyNAS OS 6.5.0 and Letsencrypt certificates on https://fotografeer.nl/index.php?/essays/2016/06/koken-cms-on-https/

 

Message 9 of 9
Top Contributors
Discussion stats
  • 8 replies
  • 5622 views
  • 1 kudo
  • 2 in conversation
Announcements