Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add SSL support #33

Closed
martindsouza opened this Issue Apr 15, 2015 · 6 comments

Comments

Projects
None yet
3 participants
@martindsouza
Copy link
Member

martindsouza commented Apr 15, 2015

Waiting for let's Encrypt: https://letsencrypt.org/

Note: Part of this will be node4ords updates and some OXAR

Technical notes:

  • Need to stop node4ords and run a "dummy" web server

systemctl stop node4ords

var express = require('express');
var http = require('http');
var app = express();

// TODO some directory to store a blank index.html
app.use(express.static(config.static.directory));

http.createServer(app).listen(config.web.http.port);

From https://certbot.eff.org/#centosrhel7-other

# Install Certbot
yum install certbot

# generate cert
certbot certonly --webroot -w /var/www/public -d demo.oraopensource.com -m martin@oraopensource.com --agree-tos

# Certs are now /etc/letsencrypt/live/<domain>

@martindsouza martindsouza added this to the Future milestone Apr 15, 2015

@tschf

This comment has been minimized.

Copy link
Contributor

tschf commented Jul 17, 2015

https://letsencrypt.org/2015/06/16/lets-encrypt-launch-schedule.html

Let's Encrypt Launch Schedule

  • First certificate: Week of July 27, 2015
  • General availability: Week of September 14, 2015
@tschf

This comment has been minimized.

Copy link
Contributor

tschf commented Aug 11, 2015

https://letsencrypt.org/2015/08/07/updated-lets-encrypt-launch-schedule.html

Schedule pushed back

We’ve decided to push our launch schedule back a bit to give us time to further improve our systems. Our new schedule is:

  • First certificate: Week of September 7, 2015
  • General availability: Week of November 16, 2015

@martindsouza martindsouza referenced this issue Oct 25, 2015

Closed

Oxar #4

@4223

This comment has been minimized.

Copy link

4223 commented Jul 22, 2016

Is it still planned to implement LetsEncrypt in the OXAR-scripts?

@tschf

This comment has been minimized.

Copy link
Contributor

tschf commented Jul 22, 2016

Yes, that would be good. I haven't had time to try setting it up yet to see
what's involved. Whether that be a document describing the process or baked
in to the scripts, I'm not sure yet.

On 22 Jul 2016 3:55 PM, "4223" notifications@github.com wrote:

Is it still planned to implement LetsEncrypt in the OXAR-scripts?


You are receiving this because you commented.
Reply to this email directly, view it on GitHub
#33 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABqqu2n1sNA0yttzjgBhOB2vcWiiZGD6ks5qYFs4gaJpZM4EBPOD
.

@martindsouza

This comment has been minimized.

Copy link
Member Author

martindsouza commented Sep 7, 2016

Script to generate SSL Certificate

openssl genrsa -out key_name.key 2048

openssl req -out CSR.csr -key key_name.key -new -sha256  -days 36 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com"

https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs
openssl req \
       -newkey rsa:2048 -nodes -keyout domain.key \
       -out domain.csr \
       -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com"

-- This should work.
openssl req \
      -newkey rsa:2048 -nodes -keyout domain.key \
      -x509 -days 365 -out domain.crt \
      -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost"

openssl genrsa -out domain-key.pem 1024
openssl req -new -key domain-key.pem -out certrequest.csr -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost"
openssl x509 -req -in certrequest.csr -signkey domain-key.pem -out domain-cert.pem

martindsouza added a commit that referenced this issue Sep 8, 2016

martindsouza added a commit that referenced this issue Sep 8, 2016

Documentation cleanup
#33 SSL support documentation

@martindsouza martindsouza modified the milestones: Future, 1.0.0 Sep 8, 2016

martindsouza added a commit that referenced this issue Sep 13, 2016

martindsouza added a commit that referenced this issue Sep 13, 2016

@martindsouza

This comment has been minimized.

Copy link
Member Author

martindsouza commented Sep 13, 2016

@4223 We now have SSL and Let's Encrypt done!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.