Since the app needed trusted certificates, just using a self-signed certificate would be unwieldy, probably needing the installation of our own cert chain on each device or something like that.
Also, since free SSL certificates from https://letsencrypt.org/ need updating every 60/90 days, buying a certificate may be an option with fewer hassles for this internal server with no external ip address.
has low-cost options. Most probably the lowest cost one will work, can ask nettigritty support if you have doubts.
There are lots of step-by-step tutorials on how to install, like
A week later, the reply was,
it is just a java application running with java.NO Apache. nginix is found. so tried installing with let's encrypt website using ngnixgetting thie error...Detail: DNS problem: NXDOMAIN looking up A for theinternaldomain.net - check that a DNS record exists for this domain; DNS problem: SERVFAIL looking up AAAA for theinternaldomain.net - the domain's nameservers may be malfunctioningHint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
My reply was,
You will probably need to buy a certificate and install it, as mentioned in the first email in this thread.
Since theinternaldomain.net is not a publicly available DNS record, certbot cannot resolve it.
If the server is a java application running on some port, say 5000, you will need to run ngnix or apache as a reverse proxy, and install the certificate for apache/ngnix.
The reverse-proxy config for apache is mentioned here,
(but of course, don't use certbot, purchase and install a cert instead as mentioned in the first email in this thread.)
No comments:
Post a Comment