hrolsons
asked on
Make http:// =====> https://
I need to get a FreeBSD server to show secure content, so I think I need a certificate, but I'm not sure where to start. I'm trying to secure:
<img src="http://www.smileatyou.com/ebay/pnp/cph/3c20000/3c22000/3c22400/00649506.jpg">
to<img src="https://www.smileatyou.com/ebay/pnp/cph/3c20000/3c22000/3c22400/00649506.jpg">
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Steps...
1) You must have a Webserver running.
Apache is the gold standard for fast throughput + easy HTTPS + HTTP2 setup.
2) You'll generate a cert, per the above URL.
3) You'll configure the cert...
https://www.experts-exchange.com/questions/29137540/How-to-Get-Apache-on-MAMP-Pro-to-only-server-HTTPS.html provides 1x approach.
4) You'll be good to go!
1) You must have a Webserver running.
Apache is the gold standard for fast throughput + easy HTTPS + HTTP2 setup.
2) You'll generate a cert, per the above URL.
3) You'll configure the cert...
https://www.experts-exchange.com/questions/29137540/How-to-Get-Apache-on-MAMP-Pro-to-only-server-HTTPS.html provides 1x approach.
4) You'll be good to go!
ASKER
Yes, I have Apache running. I'm trying to install the https://LetsEncrypt.org certs but I'm not getting anywhere. I started with just trying to find Certbot, to no avail:
root@mail:/usr/local/etc/ssl # find certbot
find: certbot: No such file or directory
root@mail:/usr/local/etc/ssl # locate certbot
root@mail:/usr/local/etc/ssl #
ASKER
Should I start a new thread on how to install SSL on FreeBSD? I'm totally lost.
Hi,
Which port are you using for your virtual host? try to use port 80.
Here some tutorial to help you:
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-letsencrypt-freebsd
https://certbot.eff.org/lets-encrypt/freebsd-nginx.html
https://linuxhint.com/setup-lets-encrypt-freebsd/
A bug was submitted in january this maybe relatedto your problem
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252776
Which port are you using for your virtual host? try to use port 80.
Here some tutorial to help you:
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-letsencrypt-freebsd
https://certbot.eff.org/lets-encrypt/freebsd-nginx.html
https://linuxhint.com/setup-lets-encrypt-freebsd/
A bug was submitted in january this maybe relatedto your problem
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252776
1) You said, "I started with just trying to find Certbot, to no avail"...
Certain steps are a given... self-evident... require no explanation...
Like, you must install certbot before you can use certbot.
How you install certbot depends on your Distro + which version of certbot you prefer to run.
All this relates to a good bit of research on your part.
For example, my approach, I'd never run FreeBSD, because this will lead to expanded work (hours of work) required to accomplish simple tasks. I use Ubuntu Focal (latest LTS), because this optimizes my time... so I'd skip hours of work (each day sometimes) over people choosing other Distros.
Since you've chosen FreeBSD, you'll have to research how to install certbot on FreeBSD.
2) You asked, "Should I start a new thread on how to install SSL on FreeBSD? I'm totally lost."
You can do this... and... likely comments for this question will be people...
Searching for - how to install letsencrypt apache freebsd - then returning you 1x of the top guides returned in search results.
This would be the search I'd do, if I were forced to install an Apache + LetsEncrypt + FreeBSD stack.
3) Per above, the following URL talks about how to generate your initial cert, then setup renewals...
After you install certbot onto FreeBSD...
https://www.experts-exchange.com/questions/29137540/How-to-Get-Apache-on-MAMP-Pro-to-only-server-HTTPS.html
Certain steps are a given... self-evident... require no explanation...
Like, you must install certbot before you can use certbot.
How you install certbot depends on your Distro + which version of certbot you prefer to run.
All this relates to a good bit of research on your part.
For example, my approach, I'd never run FreeBSD, because this will lead to expanded work (hours of work) required to accomplish simple tasks. I use Ubuntu Focal (latest LTS), because this optimizes my time... so I'd skip hours of work (each day sometimes) over people choosing other Distros.
Since you've chosen FreeBSD, you'll have to research how to install certbot on FreeBSD.
2) You asked, "Should I start a new thread on how to install SSL on FreeBSD? I'm totally lost."
You can do this... and... likely comments for this question will be people...
Searching for - how to install letsencrypt apache freebsd - then returning you 1x of the top guides returned in search results.
This would be the search I'd do, if I were forced to install an Apache + LetsEncrypt + FreeBSD stack.
3) Per above, the following URL talks about how to generate your initial cert, then setup renewals...
After you install certbot onto FreeBSD...
https://www.experts-exchange.com/questions/29137540/How-to-Get-Apache-on-MAMP-Pro-to-only-server-HTTPS.html
Aside: The biggest problem running any non-Ubuntu LTS Distro.
You can run any Distro you like.
Primary consideration for me, as I manage 1000s of projects, relates to time optimization.
If you're independently wealthy or have lot's of time... chose any Distro you like...
If you must have latest stable software - Apache + MariaDB + PHP + OpenSSL - packaged a few days after release, available for installation...
Then Ubuntu Focal is the most time optimal Distro to install.
For example, consider certbot...
Primary certbot development occurs on only 1x branch of the certbot code...
And there are many old branches.
With Ubuntu, this is handled simply...
After which, any time certbot updates release, they are auto-magically installed on your system... with zero human intervention...
With FreeBSD, you'll have to first research...
1) "How do I even figure out how to access the correct certbot code version?"
2) "How do I install updates?"
You'll have to do this daily, because if you miss a certbot update which causes certbot to crash (very common), then all your auto-renewals will start failing, then in 10x days, all your sites will go offline, because 10x days before expiration is the time certbot starts attempting to auto-renew sites.
3) "How do I track when certbot fails?"
Becomes an issue if you fail to use the snap certbot version.
4) This all drives to the initial first question hardly anyone asks with starting down a particular path.
Which relates to how many hours/day is my choice going to cost me, aggregated across the life of my project?
If project life is a few days, no consideration is required... Fast + Sloppy == Best.
If project life will be decades... Do Once + Forget Forever == Best.
You can run any Distro you like.
Primary consideration for me, as I manage 1000s of projects, relates to time optimization.
If you're independently wealthy or have lot's of time... chose any Distro you like...
If you must have latest stable software - Apache + MariaDB + PHP + OpenSSL - packaged a few days after release, available for installation...
Then Ubuntu Focal is the most time optimal Distro to install.
For example, consider certbot...
Primary certbot development occurs on only 1x branch of the certbot code...
And there are many old branches.
With Ubuntu, this is handled simply...
snap install certbot
After which, any time certbot updates release, they are auto-magically installed on your system... with zero human intervention...
With FreeBSD, you'll have to first research...
1) "How do I even figure out how to access the correct certbot code version?"
2) "How do I install updates?"
You'll have to do this daily, because if you miss a certbot update which causes certbot to crash (very common), then all your auto-renewals will start failing, then in 10x days, all your sites will go offline, because 10x days before expiration is the time certbot starts attempting to auto-renew sites.
3) "How do I track when certbot fails?"
Becomes an issue if you fail to use the snap certbot version.
4) This all drives to the initial first question hardly anyone asks with starting down a particular path.
Which relates to how many hours/day is my choice going to cost me, aggregated across the life of my project?
If project life is a few days, no consideration is required... Fast + Sloppy == Best.
If project life will be decades... Do Once + Forget Forever == Best.
ASKER