What is the easiest way to route an externally hosted domain to my VM instance on GCP (with a fixed IP) and connect over HTTPS? Currently only HTTP works, forwarded via the entry in the A Records. Which service is best suited for this on GCP? I am happy about every suggestion.
You can point your domain to VM via adding A record in DNS. For managing the https you can setup the nginx or apache and generate or add the SSL/TLS certificate there.
For generating free SSL/TLS certificate you can use : https://certbot.eff.org/
it's easy to manage and install the SSL/TLS certificate with certbot also it's having functionality of auto-renewal of certificates.
Thank you very much. Certbot looks good. :)
A) Currently I have the following configuration:
Domain at Active24 (A record points to server)
Server is Alfresco on a VM instance on GCP
Server is Apache Tomcat on Debian 9
I can manage on the command line, but it's not my daily business.
I installed Certbot and had the certificate installed (sudo certbot --apache)
B) Now, after installing Certbot, here's the situation:
When I open the URL/Domain I get to the Alfresco Login Screen. Browser does not show HTTPS.
After entering my login data, HTTPS appears, but I cannot access the Share environment. Instead I see an Alfresco error page with a button to return to the dashboard.
When I click on the "Back to Dashboard" button, I return to the login screen.
I think I still have to configure Apache to forward to the appropriate destinations. But I can't find any instructions for this.
C) My next questions are:
Did Certbot install an additional server as a proxy, or did it configure the existing one?
In which directory do I find the appropriate server settings?
Thanks a lot!
Related
My app is a Laravel app, running on Nginx, provisioned by Forge, and SSL certificates are provided by CloudFlare.
It is hosted at a URL like https://www.myapp.com
My app’s customers are businesses, and already own their domains:
https://www.customer1.com
https://www.customer2.com
https://www.customer3.com
etc.
I want my customers to run MyApp from the sub-domains of their choice:
https://some-name.customer1.com
https://some-other-name.customer2.com
https://any-name-they-want.customer3.com
etc.
My customers should not install anything — MyApp still runs on myapp.com, not on their servers
My customers should only (if possible) modify their DNS, probably add a CNAME like "some-name” that points to “myapp.com”
I followed this amazing article: Dynamic custom domain routing in Laravel.
but I can't get it to work in an https (with SSL) environment -- the browser returns:
This site can’t provide a secure connection
some-name.customer1.com uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
The client and server don't support a common SSL protocol version or cipher suite.
How should Nginx and/or SSL certificates be configured?
This is still a question which is not very simple.
However, Caddy does generate SSLs automatically (if replacing Nginx with Caddy is an option for you).
You can check the documentation for more.
I have changed my magneto localhost to https.My site is not working now.I want to go back to http.For that I have made changes in the table core_config_data web/secure/base_url to "http" ,web/secure/use_in_frontend,web/secure/use_in_adminhtml to "1" but still it is working
thanks,
It will not work on localhost. Because local server don't support the ssl. You must have ssl install on your server to run it using https. You will need to install openssl.
http://www.neilstuff.com/apache2-ssl-windows.html
Change secure base url in core_config_data from https:// to http://.
Also, since you're talking localhost, I take it this is a dev machine. If it's running under Linux, it's pretty easy to create your own CA, add it to your browser cert store and create a self signed certificate for your web server. You'll have to add a virtual host entry for port 443 and the usual SSL specific entries in it. Makes Magento development go a lot easier.
I am working to setup my application to watch calendar events through Google's Calendar API. In doing so I must setup a "Push" endpoint on my server that has a valid SSL certificate (not self-signed).
My production environment is running on Heroku so setting up an SSL cert was easy using Expidited SSL. I have two CNames setup in GoDaddy, one for my production application and one for my development environment tunneled through ngrok. I'm using the paid ngrok feature of white labeled domain tunneling (dev.mydomain.com).
Host Points To
www saga-1234.herokussl.com
dev ngrok.com
The problem is that my ssl certificate is recognized when you hit the production application (www.mydomain.com), but it uses ngrok's certificate when you visit the development application (dev.mydomain.com).
How can I setup my ngrok tunnel to use my ssl certificate?
Ngrok's white labeled domain does not support HTTPS if you are using your own domain. Simply because it serves it's own certificate, where you need to serve your domain's. That's why you are getting certificate mismatch issue.
Here's what you could do to watch calendar events on your dev machine:
Point ngrok.mydomain.com to another server, let's say a new EC2
micro instance
Point wildcard CNAME to ngrok.mydomain.com
Compile ngrok server and client to use your certificate (rather than
ngrok.com)
Run the ngroku-server on EC2 instance
On your dev machine config the client to use ngrok.mydomain.com instead of ngroku.com
Run ngrok -subdomain=dev 80
Your local dev machine's 80 port should be accessible via https://dev.mydomain.com
This is really cool and is very helpful when debugging Google's webhooks, which require valid HTTPS and a verified root domain name.
Another interesting trick is to use CloudFlare's universal SSL to have a valid https://dev-machine.mydomain.com pointing to your dev machine without purchasing a certificate. The steps are exactly the same except that you need to issue your own certificate for ngrok client-server communications and use CloudFlare's Flex SSL for dev-machine.yourdomain.com.
ngrok has a new feature that tunnels and terminates SSL. Thus you can use your own domain and HTTPS. No need to open ports in your router or PC. They call it TLS Tunneling. The following is a link to a GitHub repos that describes how to do it.
How to use your own domain to access your home PC over the internet. Use HTTPS without raising SSL errors.
I wanted to set up a simple go server in a webhost. I acquired a domain mydomain.com and hosted it using Bluehost. Now, going through the Go tutorial, I went through this example http://tour.golang.org/#59 and it works fine on my machine. Now, instead, I want to make the HelloWorldServer work when I call mydomain.com:4000 or some other port.
What I did was ssh to my server at bluehost, install go there, then compile the server and run. But then I try to access mydomain.com:4000 and it is not found. I also tried to change "localhost:4000" to just ":4000". any ideas how to make it work ?
Any help or pointers are appreciated. (some more details: it is a shared-hosting account)
This is due to the firewall on your BlueHost server not having ports (including 4000) open on a shared hosting account, Firewall Port Restrictions
If you want to do some simple (and not so simple) web hosting, why don't you look at Google App Engine
I am hosting a website using XAMPP. The website uses PayPal API for Express Checkout. If I move the website to a real hosted server (i.e. www.website.com), the PayPal checkout system will work. If I use it from XAMPP (localhost), it won't even connect to PayPal. How would I make this work from my localhost?
Step 1: Port forwarding. Your router has a public ip (not 127.0.0.1) Configure your router to accept requests from the interwebs.
Step 2. Have a spare domain name? Configure your domain # your registar: Point "A" Record to your newly forwarded IP.
Step 3. Add a fake HTTPS cert http://curl.haxx.se/ca/cacert.pem to the root folder of your XAMPP installation.
Not the end-all, say, all-a guideline. Tricky, but a starting point.
With this approach, you can test Paypal IPN's, use the sandbox, all the good stuff, as well as monkey around with all the other major vendors' api's on your local server.
These links will be helpful for you.
http://demos.ipn-easy.com/Howto/TestEnvironment.aspx
Can I test paypal api's from localhost