gabriel.rosseel
Posts: 128
Joined: Fri May 05, 2017 8:21 am

HTTPS vs HTTP

Sun Sep 17, 2017 9:22 am

My HW and SW specs are: Paspberry Pi 3 Model B with Raspbian Stretch
I installed LAMP on my Intranet (Linux,Apache,MySQL,PHP)
On that Intranet I have a site called www.hutte.local
Now I would like to connect to that site with a secure connection httpS://www.hutte.local instead of http://www.hutte.local
I setup SSL on my Raspberry as follows: https://the-bionic-cyclist.co.uk/2017/0 ... 2-minutes/
----------------------------------------------------------------------------------------------------------------------------------
sudo mkdir /etc/apache2/ssl
sudo openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -out /etc/apache2/ssl/server.crt -keyout /etc/apache2/ssl/server.key
as Common Name I filled in: www.hutte.local
sudo a2enmod ssl
sudo service apache2 restart
sudo ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/000-default-ssl.conf
sudo nano /etc/apache2/sites-enabled/000-default-ssl.conf
SSLCertificateFile /etc/apache2/ssl/server.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.key
sudo service apache2 restart
----------------------------------------------------------------------------------------------------------------------------------
When trying to connect via a Window 10 worrkstation with browser Mozilla Firefox (https://www.hutte.local) I get always an error:
www.hutte.local uses an invalid security certificate.
The certificate is not trusted because it is self-signed.
Error code: SEC_ERROR_UNKNOWN_ISSUER

Has anyone an idea how to solve this?

User avatar
DougieLawson
Posts: 34168
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: HTTPS vs HTTP

Sun Sep 17, 2017 10:31 am

Use https://certbot.eff.org it does it all for you.
Note:The use of baseball bats for educational purposes is completely disallowed on this forum.

Any DMs sent on Twitter will be answered next month.

gabriel.rosseel
Posts: 128
Joined: Fri May 05, 2017 8:21 am

Re: HTTPS vs HTTP

Sun Sep 17, 2017 11:05 am

thank you; I'll give it a try.
but I have 1 question:
Does it also works for Intranet instead of Internet.
I ask this question bcause I think the encrytion part of SSL/TLS seems to work (wireshark says so).
but the other part of SSL namely Identification doesn't seem to work: the browser doesn't get any information from a CA
Does it makes sense what I am saying and can it be SSL be used in a none Internet environment?
thanks in advance

User avatar
DougieLawson
Posts: 34168
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: HTTPS vs HTTP

Sun Sep 17, 2017 11:39 am

Certbot gives you a internet/intranet public certificate for your website. It's all based on domain name so you may need to get a domain from http://freedns.afraid.org if you don't have one registered.
Note:The use of baseball bats for educational purposes is completely disallowed on this forum.

Any DMs sent on Twitter will be answered next month.

dazbobaby
Posts: 3
Joined: Tue Jun 30, 2015 9:09 pm
Contact: Website

Re: HTTPS vs HTTP

Tue Feb 06, 2018 4:02 pm

I've just noticed the referral link, my thanks :)
The-Bionic-Cyclist.
aka dazbobaby

I also updated the blog to point to the certbot... my way was easy, the certbot is easier and better.
My Pi Blog https://the-bionic-cyclist.co.uk/

Return to “Beginners”