I'm using the letsencrypt option of KeystoneJS to automatically configure and maintain HTTPS information for my project. I'd like to be able to configure this to work with a custom domain on Heroku; I've followed a previous guide to actually configure the HTTPS (which appears to work), but when I load HTTPS on my site, it says that my certificate is only applicable for *.herokuapps.com, and not for my actual domain. Do I need to configure the Heroku SSL Beta addon in order for HTTPS to explicitly work with my domain? If I do, how can I provide it with the keys and certificates that it asks for, even though my HTTPS information is being generated on the server and not locally? (Rather, how might I be able to generate that information locally, then have both Keystone and Heroku use identical information)?
EDIT: As I understand it, I can manually pass a certificate and key to the SSL options in Keystone, but I have no way of automatically maintaining those certificates unless I instantiate them with the letsencrypt Keystone option (as far as I know). I'm still confused how I can manually create the keys/certificates the first time, then use letsencrypt to maintain and update them (and then communicate the new information with Heroku when they need to be updated).
I ended up figuring out how to upload the certificate to Heroku after creating it with Let's Encrypt. It isn't automatic and needs to be manually re-uploaded every three months, but it's better than nothing.
I wrote a guide about how to solve this issue, which you can read here. I used Windows 10 for the process, but it should be fine on Mac OS X/Linux as well.
Related
I have an ASP.NET Core app running on my local machine. I'm trying to test that app via some code I wrote in Node.js. In that code, I'm using Axios. The following code generates an error that says: "Unable to verify the first certificate". The code is this:
let result = await axios.get('https://localhost:5001/');
I have seen several solutions posted on SO, however, none explain the issue. I don't understand 1) what's safe (we're dealing with certificates here) and 2) where the change needs to be made (i.e. in the Node app or in the ASP.NET Core app, or even changes on both sides).
How do I safely allow Node.js to access the ASP.NET Core app running locally on my machine?
Thank you!
ASP.NET Core will be using a self-signed certificate after installing it. Since it is self-signed, there is no reason for it to be trusted. And you need to trust it manually or suppress this error. (Which means you need to accept untrusted certificates while requesting)
Since in production environment, you can use your own certificate which might from a trusted provider like Let's encrypt, you don't need to worry about that issue.
Questions:
what's safe (we're dealing with certificates here)
"Safe" for the HTTPS means that it needs to verify the server-side certificate is always trusted.
where the change needs to be made (i.e. in the Node app or in the ASP.NET Core app, or even changes on both sides).
No there doesn't need to change anything. Just trust the self-signed certificate is fine.
To trust the certificate run 'dotnet dev-certs https --trust' (Windows and macOS only).
Learn about HTTPS: https://aka.ms/dotnet-https
I have read all the post related to this and it is not working (or i'm just doing the steps in wrong order). The connection is corporate network. No, the IT people wont help and let me change the https proxy address (because i am learning this now and they don't want any risk)
How to create react app without compromising the security?
Or is there alternative way i can create react app (just for learning purpose) in visual studio code?
I'm trying to deploy a CRA on Lightsail and I'm having issues with the SSL cert and DNS.
I have tested the A record with no errors. http://52.40.123.5:3000/ displays my react app but abechoi.com does not, even if I click on advanced.
I added "homepage": "http://abechoi.com", no change.
As for the SSL, I found a free cert.pem and key.pem off a website and I tried running "HTTPS=true SSL_CRT_FILE=cert.pem SSL_KEY_FILE=key.pem npm start", no change, possibly because the domain name has issues.
Anyways, if anyone could offer some kind of help, I would greatly appreciate it. From what I've read AWS Amplify is easier but I want more experience working my way around a Linux CLI.
You can issue a Free SSL using let's encrypt and then use it for your node command line:
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-using-lets-encrypt-certificates-with-wordpress
ignore the Wordpress part here, you just need to get the pem files and hook it to node
I have a ReactJS project for my Front and a NodeJS project/server using Express for my back. My Front depends on my Back because for example in the Login part, I ask the server if the user is already in our database.
To execute my project, I just open 2 terminals and do npm start in each Front and Back.
I know that in order to upload a website with a personal domain name, I should:
Buy a domain name
Pay a subscription to a web-hosting website like GoDaddy, Bluehost, Hostgator etc.
If I pay a subscription to some web-hosting website, will I be able to put my Front AND Back? I have seen some tutorials online and people just make a simple HTML/CSS/JS website and upload it. I never see anyone uploading their own Server and making requests to it.
I'm not asking to merge both my Front and Back. I want to know how do people upload online their React front and Node Server online, for them to be always executed and talking to each other. I just can't see the relationship and explanation on how uploading both.
Your react frontend doesn't really need a server, you'd need to build a release bundle and that can be served from any static filehoster. For your backend though you need a node.js hoster like AWS or heroku, follow their tutorials to upload your project.
You could also then serve both from the same hoster and read into connecting frontend and backend like mentioned by #FedeSc
An easy solution for your use case could be digitalocean or any similar site that offers a whole virtual system to operate with. You can then ssh into the server as it was your computer and use the terminal there. It is cheaper than Heroku if you wish to make your site available without 30 seconds waiting time (that is what Heroku does in a serverless fashion if you are on a free plan). There are dozens of sites like this but I had good experience with digitalocean and a basic plan is $5/mo.
I have a node/socket.io chat app on OpenShift. The directory layout is the following:
I would like to start using SSL on the site, specifically with Let's Encrypt, which is free. However, no matter how many tutorials I Google and try out (on a separate hosting for testing, of course), I simply can't make it work properly.
I'm sure to some this is a silly question, but I'd appreciate if someone could tell me how to do this with OpenShift.
If anyone knows of an easy to understand, step by step tutorial, I would appreciate a link.