How to get SSL certificate for homemade webserver - javascript

I've created my own webserver using Node.js ans is using it with my DNS from webhost routed to my raspberry pi at home.
How do I prepare the webserver and all the files for getting an SSL certificate using Let'sencrypt?
I've not made any work prior to getting the SSL other than creating the server to run on localhost. Now it's running on a public ip while using my purchased DNS.
I haven't been able to find any litterature other than the off the shelf webservers like apache and such and I really want to run with my own.

Related

How do I make my electron apps communicate locally between different machines

I have two electron apps. One is a server on machine1 and another is a client on machine2.
When I start the server from the electron app on machine1, I want machine2 (the client) to be able to be able to receive and send data to machine1 (the server).
I tried using http://localhost approach which works for the app during development but doesn't work for the packaged app which is installed on the machine.
Please help. Thanks
When you package an Electron app, it is no longer running on localhost, it runs on the IP address of the machine on which it is installed.
To establish communication between the server and client apps, you will need to use the IP address of the machine on which the server app is running. You can use the os module in Node.js to determine the IP address of the machine on which the server app is running. Once you have the IP address, you can use it to connect the client app to the server app.
You can also use a package like ip to get the IP address of the machine.
const ip = require('ip');
console.log(ip.address());
Hope this helps.

How connect to Html page with node.js server and aws virtual machine

I'm trying to install a node.js server for a sentiment analysis service with my Twitter account that retrieve the tweets on my profile and provides a statistical output and saves them on a Mongo db istance.
I have uploaded my node.js code on an AWS virtual machine with an public IP address and with the permission to create an endpoint with HTTP and HTTPS protocols.
I have installed successfully the node.js code on AWS virtual machine with Windows Server 2019 OS, with the npm install -g -n command with 0 dependencies errors, and when I try to connect to the AWS virtual machine with http://ip_public_address:8080 I get the error "impossible to connect - err-connection_timeout".
This is the link to the github project that I need to install and to work on AWS virtual machine:
https://github.com/thisandagain/sentiment
Maybe I am confused about how to connect with the index.html page via AWS virtual machine and I don't know if this page must be retrieved with a IP public address or localhost parameter and what is required, at node.js level code, in order to enable the AWS virtual machine to respond to my browser with the content of index.html page.
Please can you give me advices about to implement successfully this project?
Thanks
Filippo
You don't mention security groups in your question at all, so the likely cause is that you never opened port 8080 in the security group assigned to the EC2 instance. You may also need to open that port in the Windows firewall on that server.

SSL With node / IIS

My current setup with the company i've joined is IIS is being used as our main web server, using a CA signed certificate. I've got access to the certificate.pdx aswell as the private key.
I've setup a https node API server to handle some real time stuff / act as a simple additional middle layer, but my website is being served through IIS. The flow of the application is something like this.
1) Visit web page where IIS will then serve it
2) Click on a button, which then makes a GET request to my node server
IIS NODE
E.g 100.10.10.10:3000/mypage > Click Button > 100.10.10.10:4000/myGetRequest
At the minute i'm just using self signed in my development environment, and manually accepting the certificates.
My question is can I just use the same certificate that IIS is using on my node HTTPS server, or do I need a different one?
It would be best if the IIS could proxy the requests to your Node app. That way your Node app wouldn't even need a certificate (if it's on localhost). See this answer for more details:
Configuring HTTPS for Express and Nginx
It uses the example of nginx but you should be able to proxy the requests with IIS as well. See this tutorial:
Setup IIS with URL Rewrite as a reverse proxy for real world apps

JavaScript GetUserMedia using Chrome with localhost without HTTPS

I didn't know how to express it in the title, but I'm having an issue with Chrome.
I'm trying to use GetUserMedia() and GetPosition() in Chrome. I know that it requires SSL certification first, unless you're on localhost. The thing is, I can't try my project on my computer, so I must use my smart phone, and in order to access localhost through my smartphone, I must use the machine's IP address (192.168.1.4). The problem is that Chrome doesn't consider this IP address as localhost, so it requires an SSL certificate.
Is there any way I can test my project on my smartphone without having to install an SSL certififcate?
Add your IP address to Chrome's Insecure origins treated as secure setting.
Go to chrome://flags/#unsafely-treat-insecure-origin-as-secure in Chrome.
Find the Insecure origins treated as secure setting.
Enable it.
Enter in http://cntral.me:3000.
Relaunch Chrome.
Voila!
See https://medium.com/#Carmichaelize/enabling-the-microphone-camera-in-chrome-for-local-unsecure-origins-9c90c3149339 for a good walkthrough as well.
You can use a service like https://ngrok.com/ to map a public DNS address with SSL certificate to a port on your local machine.
I assume you're trying to host a Web service on a computer and access it from a smart phone using the hostname localhost.
Two options come to mind:
First, if your smart phone is rooted, you can change /etc/hosts so that the name localhost resolves to 192.168.1.4 instead of to 127.0.0.1.
Second, if you can run an SSH server on your computer, you can set up an SSH client on your phone to forward traffic on some port to another port on a different machine.
For example, in ConnectBot for Android, you can
create a profile for your computer running an SSH server on 192.168.1.4
long-press the profile, and select "Edit port forwards" and then "Add port forward" from the port forwarding menu
configure it to "Local" and then choose a local source port that can be claimed by a non-root user on your phone (say, 8080) and on the bottom line, use localhost:80 (or whatever port the computer is running the service on) to make the SSH server have the forwarding tunnel direct to itself on port 80
This will cause all traffic directed at localhost:8080 on your phone to go to 192.168.1.4:80 on your computer. The browser has no idea that the localhsot:8080 service is actually just an SSH tunnel to 192.168.1.4:80, so it will treat it like any other localhost address.
You can do this without an SSL certificate at all by tunneling the webserver to your phone's localhost.
I use termux to run this command (on the phone itself):
ssh -L 8080:localhost:8080 192.168.0.172
(Leave the ssh session open)
Then go to http://localhost:8080/ on your phone.
If you don't want the session to time out, you can use autossh:
autossh -M 0 -L 8080:localhost:8080 192.168.0.172
Important note: Your development machine (or dev server) needs to be accessible through ssh. For Linux, this can be done by installing open-ssh and enabling/starting the sshd service. You can look up guides for this online.

How can I establish a secure connection to a websocket on localhost?

We have an application which we run on a POS terminal, that should receive data from an application running on the same machine, while displaying content from a remote site which is loaded over HTTPS.
To receive the data from the local application, we want to use websockets, which is working fine so far. However, when the site we're displaying is loaded over HTTPS, the websocket connection is required to be encrypted as well.
Because we can't really get a proper certificate for localhost, we're just using a self-signed one. But Chrome won't connect to a websocket that uses a self-signed certificate.
How can we resolve this problem? We can't use an unencrypted websocket, we can't use a self-signed certificate for the encrypted one and we can't get a signed certificate for localhost. What option am I missing?
If you have admin privileges on the POS terminals, how about adding a line to the HOSTS file like:
127.0.0.1 localhost.mycompany.com
Now you can use a real certificate for localhost.mycompany.com in the server application.

Categories