A few days ago, I created a post on how to redirect the HTTPS external traffic to a Jeedom in a private network.
Everything will work but you'll see in your browser that the website isn't secure. The reason is that there is no certificate available on your webserver (on your Jeedom).
To generate, use and auto renew a certificate we'll use CertBot
Certbot is a free, open source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.
Certbot is made by the Electronic Frontier Foundation (EFF), a 501(c)3 nonprofit based in San Francisco, CA, that defends digital privacy, free speech, and innovation.
First, open a SSH connection to your Jeedom.
Install snapd
sudo snap install core; sudo snap refresh core
Install Certbot
sudo snap install --classic certbot
Check if you can run the certbot command
sudo ln -s /snap/bin/certbot /usr/bin/certbot
To get a certificate and have certbot automatically change your Apache configuration to serve it and to turn on HTTPS access in a single step, use the following command:
sudo certbot --apache
The certbot comes with a cron to automatically renew your certificate. But if you want to check if the auto renewal is working, you can use this command:
sudo certbot renew --dry-run
If it completes without errors, your certificate will be renewed automatically.
Please note that your HTTP(80) and HTTPS(443) port must be opened or the auto renewal will not work.
Now you can try to access your Jeedom with the HTTPS url and you'll see that the browser will display that the connection is "secure".
As a wise man said once:
HTTPS & SSL doesn't mean "trust this." It means "this is private." You may be having a private conversation with Satan.
— Scott Hanselman (@shanselman) April 4, 2012
Please note that you'll need to change your Jeedom configuration to add the HTTPS URL (and port) to be able to use the HTTPS URL to access Jeedom.
comments powered by Disqus