Configuring HTTPS for the Server

February 04, 2020

Today I’m adding HTTPS support to my new All in One Server by registering a domain name and installing an SSL certificate from Lets Encrypt.

Registering and setting up the domain

I registered a new domain with Namecheap - $1 USD for a year? Done!

I used this tutorial to configure the domain to work with my Digital Ocean Droplet. It was implemented quite quickly and now I could access my server at http://imade-aserver.xyx!

Setting up virtual hosts for Apache

Next, I set up the virtual hosts as recommended by the Apache tutorial I was following.

sudo mkdir /var/www/imade-aserver.xyz
sudo chow -R $USER:$USER /var/www/imade-aserver.xyz
sudo chown -R $USER:$USER /var/www/imade-aserver.xyz
sudo chmod -R 755 /var/www/imade-aserver.xyz
nano /var/www/imade-aserver.xyz/index.html
sudo nano /etc/apache2/sites-available/imade-aserver.xyz.conf
sudo a2ensite imade-aserver.xyz.conf
sudo a2dissite 000-default.conf
sudo apache2ctl configtest
sudo systemctl restart apache2

Registering an SSL certificate

Now that I have a domain name I can install the SSL certificate and configure https using this tutorial.

sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-apache

While configuring the firewall I discovered I still had port 3000 open so I deleted those rules:

sudo ufw status
sudo ufw delete 1
sudo ufw status
sudo ufw delete 4
sudo ufw status

In the end I already had Full Apache enabled so no need to reconfigure that:

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
8080                       ALLOW       Anywhere
Apache Full                ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
8080 (v6)                  ALLOW       Anywhere (v6)
Apache Full (v6)           ALLOW       Anywhere (v6)

Finally use certbot with an incredibly easy command to obtain and configure the certificate automatically and test the auto-renewal:

sudo certbot --apache -d imade-aserver.xyz -d www.imade-aserver.xyz
sudo certbot renew --dry-run

Success! Now I have the little padlock when I go to https://imade-aserver.xyz and http://imade-aserver.xyz!

Next steps is to remember what other projects I wanted to use this server for…

Post Details

- Author:
- Twulz
- Categories:
- Things (92)
- Software (33)
- Server-App (18)
- Tags:
- Node-App (22)
- Server-App (18)
- Server (24)
- Security (3)
- HTTPS (2)
- Domain (1)
- DNS (1)
- Apache (4)
- Reverse-Proxy (3)

31-08-2021: Jenkins Updates for the Server-App
28-08-2021: Changing the domain and Jenkins reconfiguration
23-08-2021: Server App Updates
08-09-2020: Refactoring the Server App to Remove Knex
17-03-2020: Testing the Authentication Routes in Mocha

Configuring HTTPS for the Server

Registering and setting up the domain

Setting up virtual hosts for Apache

Registering an SSL certificate

Post Details

Related Posts

About Me

Recent Posts

Archives