Hi!
When accesing the web interface or owncloud I get the message in the url box in my browser that the connection is insecure and something about certficates. Any idea how I can make the connection (the certificate) get verified?
Thanks!
Hi!
When accesing the web interface or owncloud I get the message in the url box in my browser that the connection is insecure and something about certficates. Any idea how I can make the connection (the certificate) get verified?
Thanks!
Your server certificate needs to be in the trusted certificates in your browser. Adding it manually can be tedious, especially when you have a lot of clients.
Maybe Nethserver should have a certificate module that automatically uses something like https://letsencrypt.org/
You can also buy and install it:
http://docs.nethserver.org/en/latest/base_system.html?highlight=certificate#install-a-custom-certificate
I bet that @giacomo can add more details about letsencrypt dev status
http://dev.nethserver.org/issues/3355
Could you describe how I can add this certificate manually (or where I can find the certificate on the server)?
Check my link above!
If you want to try it, I just pushed Let’s Encrypt support for NS 6.
See: http://dev.nethserver.org/issues/3355
That’s a really good news! Thanks for sharing. @dz00te would you mind to add it to your list?
I generated the certificate and can see it, but I am not sure how to install it in a browser. Since I have to import a .crt file I guess, do I just have to copy the certificate into a text file and save .crt?
You may put crt here:
/etc/pki/tls/certs/
and your key here:
/etc/pki/tls/private
Then
db configuration setprop pki CrtFile '/etc/pki/tls/certs/your_certificate.crt'
db configuration setprop pki KeyFile '/etc/pki/tls/private/your_privatekey.key'
Lastly:
signal-event certificate-update
Yes I read that, but still my question remains: how do I get the .crt and .key files. I generated the certificate and I see it in the web interface. Where are those files saved and under what name on the server?
Maybe I weren’t clear enough, you have to buy them from your certification authority and install on NethServer
I see. Since Let’s Encrypt is a certification authority I could use this, right (and it is free)?
Yes it is.
You can try by installing packages from testing and follow instruction written inside the issue.
I’m doing a little fix, if you can wait a couple of hours I will also put a mini-howto on discourse
Ok, I’m not speaking about let’s encrypt here. Let’s encrypt isn’t supported yet since currently on QA http://dev.nethserver.org/issues/3355
I was referring to installing a custom certificate obtained from a CA
That would be great. Thanks! I will wait then
Yes I understand. I was just asking. Thanks!
Take a look to: NethServer 6.7 02/16 updates & Let's Encrypt
Many thanks for this!
Since I just use a public IP address to reach the server from outside - is it possible to set this up (Let’s Encrypt) without having a public domain name?
No, it’s not.
But you could use a free domain name service (like https://freedns.afraid.org/).