Koozali.org: home of the SME Server

Obsolete Releases => SME Server 9.x => Topic started by: alanh on March 25, 2019, 03:49:55 AM

Title: SSL Certificate for SME
Post by: alanh on March 25, 2019, 03:49:55 AM

I have an ibay (available to internet - no password required) that I use for putting files that need to be accessed by our ecommerce system to update our store via url (images etc).  I have tested it with http access and works fine but would like to have https access which doesn't work, I presume because there is not SSL certificate.
We have no website on the server , I only need the files to be available by url . So there is no domain name, we just have a ddns name for our static IP. 
Do I need to purchase a SSL certificate to make this work. Not done this part of it before so any help appreciated.
If so how do I install?
thanks

Title: Re: SSL Certificate for SME
Post by: mmccarn on March 25, 2019, 04:33:09 AM

The letsencrypt (https://wiki.contribs.org/Letsencrypt) contrib lets you get a free ssl cert for any hostname that you control.

Should be pretty straightforward.

Title: Re: SSL Certificate for SME
Post by: janet on March 25, 2019, 08:37:40 AM

alanh

Re https, what does "doesn't work" mean ?

You can use the default SME server self signed certificate, but your ecommerce team would have to add an exception &/or include your self signed certificate in their browsers trusted certificate store.
If they are the only people accessing the site via https, then it is a pretty easy fix for them to do.

If you have an ecommerce site hosted on the SME server, then I would have thought you would want a good quality commercial certificate installed on the server anyway, for all users to see a trusted ecommerce site ???
Of course letsencrypt will provide that.

Title: Re: SSL Certificate for SME
Post by: ReetP on March 25, 2019, 02:13:10 PM

For reference this is a follow on to this forum post (should really have stayed on the one post as it is all related to the same issue)

https://forums.contribs.org/index.php/topic,53942.0.html

Quote

So there is no domain name, we just have a ddns name for our static IP

Why have a Dynamic DNS name for a Static IP ??? Just doesn't make any sense! A DDNS is name is really for Dynamic IPs (yes of course it works on static IPs)

As Janet said you could:

1. use the self signed SME certificate and get your developers to accept it
2. use an existing SSL certificate if you have paid for one for your ecommerce site
3. use a Letsencrypt free SSL certificate

Title: Re: SSL Certificate for SME
Post by: Jean-Philippe Pialasse on March 26, 2019, 11:49:58 AM

Still a properly comfigured ddns name could be used with let’s encrypt. At the end this is still a subdomain pointing to the right server