- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: How to run Koken on https?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What is a good way to make the Koken content management system run on https, without browsers complaining about the self-signed certificate?
I experimented with creating a self-signed certificate and adding a virtual host to /apps/koken/http.conf (based on tutorials, like https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-debia... ). This will make koken run on https. However, browsers will complain about the certificate not being trusted.
Guess I need a certificate / key issued by a Certificate Authority?
What is a good CA?
Does anyone have experience with using a free CA?
What steps would I have to take to get the key/certificate?
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@StephenB wrote:
I suggest looking into letsencrypt ( https://letsencrypt.org/ )
Created a how-to for setup of Koken CMS with HTTPS on ReadyNAS OS 6.5.0 and Letsencrypt certificates on https://fotografeer.nl/index.php?/essays/2016/06/koken-cms-on-https/
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to run Koken on https?
I suggest looking into letsencrypt ( https://letsencrypt.org/ )
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to run Koken on https?
Note that Koken is not running on the standard http and https ports 80 and 443.
After installing git, installed the letsencrypt certbot, but can't get it to run as expected. I'm trying this:
./certbot-auto certonly --test-cert --standalone --email someone@noreply.nl -w /apps/koken/web -d fotografeer.nl
But I get an error message:
The program apache2 (process ID 27035) is already listening on TCP port 80. This will prevent us from binding to that port. Please stop the apache2 program temporarily and then try again
If I stop apache and try again with:
service apache2 stop
[ ok ] Stopping apache2 (via systemctl): apache2.service.
./certbot-auto certonly --test-cert --standalone --email someone@noreply.nl -w /apps/koken/web -d fotografeer.nl
I get the following error message:
Checking for new version...
Requesting root privileges to run certbot...
/root/.local/share/letsencrypt/bin/letsencrypt certonly --test-cert --standalone --email someone@noreply.nl -w /apps/koken/web -d fotografeer.nl
Failed authorization procedure.
fotografeer.nl (tls-sni-01): urn:acme:error:connection ::
The server could not connect to the client to verify the domain ::
Failed to connect to host for DVSNI challenge
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: fotografeer.nl
Type: connection
Detail: Failed to connect to host for DVSNI challenge
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
Not very sure how to proceed from there.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to run Koken on https?
I think you need a ddns name set up that points to the NAS web server.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to run Koken on https?
Never used DDNS before. The domain name is already set up by my provider and has been accessible for several years. Port forwarding assures that HTTP port 80 ends up at the port used by Koken.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to run Koken on https?
Perhaps post this on https://community.letsencrypt.org
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to run Koken on https?
Spent two days, but didn't get the "let's encrypt" certificate to work properly. Guess I'm stuck at http for now.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: How to run Koken on https?
Had another go and managed to create the certficates with letsencrypt.
Toke a while to get the Apache configuration for koken correct, but finally managed to get it working on https://fotografeer.nl.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@StephenB wrote:
I suggest looking into letsencrypt ( https://letsencrypt.org/ )
Created a how-to for setup of Koken CMS with HTTPS on ReadyNAS OS 6.5.0 and Letsencrypt certificates on https://fotografeer.nl/index.php?/essays/2016/06/koken-cms-on-https/