I plan to write a web application using the Sinatra framework, and want to add HTTPS to it using Let's Encrypt. certbot, the recommended Let's Encrypt client, doesn't support Sinatra, and from Googling I can't find any others which appear to support it.
Are there any Let's Encrypt clients which support Sinatra, and if not, how can I fetch a certificate from Let's Encrypt and configure Sinatra to use it? The application will be running on Linux.
Sinatra is merely the framework you use to build a web app on top of a web server. The only thing that matters when using a Let's Encrypt client is that you're using a supported web server such as Apache or Nginx.
The documentation lists out these requirements: https://certbot.eff.org/docs/intro.html#system-requirements
You can use certbot regardless of the web framework you choose as long as you're running on a supported web server.
Related
I can't get my backend to send data after switching to secure connection.
I was able to successfully configure SSL with ssl_mod on Apache web server that serves my Angular app on AWS Linux 2 instance, the site is secure - but my Spring Boot backend is not responding, it is not sending any data. When I additionally convert .crt and .key files to PK12 that Spring understands and I use it in Spring app - I get this error:
net::ERR_SSL_PROTOCOL_ERROR
I've tried using AWS Load Balancer, but same thing happens, frontend is loaded in secure environment, but backend is not sending any data even after I change backend calls from http to https://my-site.com. I've tried following documentation and added this to my backend app properties file:
server.tomcat.remoteip.remote-ip-header=x-forwarded-for
server.tomcat.remoteip.protocol-header=x-forwarded-proto
and security configuration upgraded with this:
http.requiresChannel().anyRequest().requiresSecure()...
but to no avail.
Lastly, I created a new instance on EC2 and this time I didn't configure apache for the frontend on linux, I just used SSL certificate on my backend app with following properties:
server.ssl.enabled=true
server.ssl.key-store=/etc/ssl/mydomain_com.p12
server.ssl.key-store-password=******
server.ssl.key-alias=mydomain
To no avail, now my site doesn't load at all. I'm despearate, struggling with this for a week now. What is the procedure for a full stack app? How do I do it?
Let me respond because on the same day I asked the question - I found a solution. The solution was - converting free SSL certificate with the help of this website:
https://www.sslshopper.com/ssl-converter.html
After I've plugged it in my Spring Boot app - it works. Before that, I made the conversion with OpenSSL on Windows, and it seems it was faulty. I'm so happy now... I read so many articles on this website on my one and a half year journey of learning to code - and got stuck on the last step. I'm so happy. Thank you all for this amazing website and all the help. I love you! I'm proud of being a part of this programming community... the best humor, the best people!
Peace
I am new to wechat development, as I can see from the documentation it requires setting up a server, getting a domain and ssl certificate. I am developing an app that sends a request to a server, fetches pdf file from database and downloads that file to user's phone. Since I am using pdf, I need to store binary data, so VPS hosting should be the best option here. But I am not sure if I can use it for WeChat, I noticed in most documentation and tutorials developers are using cloud services.
Of course.whatever serve provider is.
I am looking at developing a web api for my business rules/database access.
I can use Postman to test the api locally but I also need to develop the client web site.
Is it just a case of running the web api locally and then developing the client site to use the local web api urls?
e.g. http://localhost/api/getcustomer/1
Also when it eventually goes live what do I need to look into in order to secure it all?
Regards
I'm trying to use qbwc gem my RoR app to connect to the standard Quickbooks with QuickBook Web Connector.
I have deployed my app on Heroku. when I try to load the qbc file I get the following error:
QBWC1048: QuickBooks Web Connector could not verify the web application server certificate
I'm using Heroku default domain which according to the Heroku documentation it serves https.
What am I missing?
What is the best approach to solve this?
Use the Heroku default domain name e.g. https://yourappname.herokuapp.com.
If you are attempting to use a custom domain name you must configure an SSL Endpoint on Heroku.
The QuickBooks Web Connector wants a valid SSL cert.
I am developing an App for iphone,android using PhoneGap for the client side. On the server side, i have a Restful API with Sinatra/Ruby(Not Rails). The App is free and anyone can access the services but i need to make sure the minimal level of security is implemented so my API is available 24/7.
I heard about oAuth but i am not sure if that is the way to go.
oAuth is a standard for authorization across different authorization domains (e.g. between services) and is probably not what you want.
The easiest way to secure a REST API is the usage of HTTPS. To secure Sinatra have a look at How to make Sinatra work over HTTPS/SSL?