Running server on home network with HTTPSI can't get my domain to point to my serversetting up an ssh server behind a routerUnable to route to website in home networkWhy can't I make a SSH over HTTPS tunnel to my home server?2 domains with 2 certificates, 1 public IP, 1 nginx serverAccess home network from an external IP addressRASPBERRY behind the firewall one one NETWORK to be visible over another network via VPNSSL certificate for connection to home server through socatBlock Let's Encrypt validation protocol for clients on guest networkCannot connect to reverse forwarded port 443 on AWS EC2 instance
If you attack a Tarrasque while swallowed, what AC do you need to beat to hit it?
Are there any crystals that are theoretically possible, but haven't yet been made?
Is it a good idea to teach algorithm courses using pseudocode instead of a real programming language?
Failing students when it might cause them economic ruin
What does it mean for a program to be 32 or 64 bit?
Why could the Lunar Ascent Engine be used only once?
In Dutch history two people are referred to as "William III"; are there any more cases where this happens?
Could a chemically propelled craft travel directly between Earth and Mars spaceports?
Why were early aviators' trousers flared at the thigh?
In how many ways can we partition a set into smaller subsets so the sum of the numbers in each subset is equal?
Should I twist DC power and ground wires from a power supply?
Is presenting a play showing Military charactes in a bad light a crime in the US?
How to convince boss to spend notice period on documentation instead of new projects
Richard's Favourite TV Programme
How to make labels automatically scale in size to fit between 2 coordinates in tikz?
Bookshelves: the intruder
Why should one apply for UK visa before other visas, on a multi-destination European holiday?
Bash - Execute two commands and get exit status 1 if first fails
Novel where a cube cooled below absolute zero makes a hole in reality
Head-internal relative clauses
What's is the easiest way to purchase a stock and hold it
Is my company merging branches wrong?
Can a Warforged have a ranged weapon affixed to them like an armblade?
Germany rejected my entry to Schengen countries
Running server on home network with HTTPS
I can't get my domain to point to my serversetting up an ssh server behind a routerUnable to route to website in home networkWhy can't I make a SSH over HTTPS tunnel to my home server?2 domains with 2 certificates, 1 public IP, 1 nginx serverAccess home network from an external IP addressRASPBERRY behind the firewall one one NETWORK to be visible over another network via VPNSSL certificate for connection to home server through socatBlock Let's Encrypt validation protocol for clients on guest networkCannot connect to reverse forwarded port 443 on AWS EC2 instance
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
Like the title suggests, I am trying to configure my server to serve traffic with HTTPS. I am already able to expose the server and receive information from it, just simply without HTTPS. There are a few interesting details that I will get into, but this is the main goal.
- I have a Go server running on a raspberry pi on my home network that I am using as a personal API.
- I port-forwarded port 80 and 443 of my home network and pointed it to my raspberry pi's static ip address
- I own a domain that I am pointing to my home network ip.
- My go server is running on port 8088, so I use nginx to forward requests from the base ip to my server's port.
So far this is all working perfectly, except I would like to allow my server to utilize HTTPS. My question is I have a lot of moving parts in this setup, so what would be responsible for ensuring HTTPS? The domain, my nginx config, the server itself or a combination of all. I am unsure.
Just looking for some direction in enabling HTTPS for this server, thanks!
linux networking port-forwarding raspberry-pi https
asked 5 hours ago
Alex MontagueAlex Montague
112
New contributor
Alex Montague is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Like the title suggests, I am trying to configure my server to serve traffic with HTTPS. I am already able to expose the server and receive information from it, just simply without HTTPS. There are a few interesting details that I will get into, but this is the main goal.
- I have a Go server running on a raspberry pi on my home network that I am using as a personal API.
- I port-forwarded port 80 and 443 of my home network and pointed it to my raspberry pi's static ip address
- I own a domain that I am pointing to my home network ip.
- My go server is running on port 8088, so I use nginx to forward requests from the base ip to my server's port.
So far this is all working perfectly, except I would like to allow my server to utilize HTTPS. My question is I have a lot of moving parts in this setup, so what would be responsible for ensuring HTTPS? The domain, my nginx config, the server itself or a combination of all. I am unsure.
Just looking for some direction in enabling HTTPS for this server, thanks!
linux networking port-forwarding raspberry-pi https
asked 5 hours ago
Alex MontagueAlex Montague
112
New contributor
Alex Montague is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Like the title suggests, I am trying to configure my server to serve traffic with HTTPS. I am already able to expose the server and receive information from it, just simply without HTTPS. There are a few interesting details that I will get into, but this is the main goal.
- I have a Go server running on a raspberry pi on my home network that I am using as a personal API.
- I port-forwarded port 80 and 443 of my home network and pointed it to my raspberry pi's static ip address
- I own a domain that I am pointing to my home network ip.
- My go server is running on port 8088, so I use nginx to forward requests from the base ip to my server's port.
So far this is all working perfectly, except I would like to allow my server to utilize HTTPS. My question is I have a lot of moving parts in this setup, so what would be responsible for ensuring HTTPS? The domain, my nginx config, the server itself or a combination of all. I am unsure.
Just looking for some direction in enabling HTTPS for this server, thanks!
linux networking port-forwarding raspberry-pi https
asked 5 hours ago
Alex MontagueAlex Montague
112
New contributor
Alex Montague is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Like the title suggests, I am trying to configure my server to serve traffic with HTTPS. I am already able to expose the server and receive information from it, just simply without HTTPS. There are a few interesting details that I will get into, but this is the main goal.
- I have a Go server running on a raspberry pi on my home network that I am using as a personal API.
- I port-forwarded port 80 and 443 of my home network and pointed it to my raspberry pi's static ip address
- I own a domain that I am pointing to my home network ip.
- My go server is running on port 8088, so I use nginx to forward requests from the base ip to my server's port.
So far this is all working perfectly, except I would like to allow my server to utilize HTTPS. My question is I have a lot of moving parts in this setup, so what would be responsible for ensuring HTTPS? The domain, my nginx config, the server itself or a combination of all. I am unsure.
Just looking for some direction in enabling HTTPS for this server, thanks!
linux networking port-forwarding raspberry-pi https
linux networking port-forwarding raspberry-pi https
asked 5 hours ago
Alex MontagueAlex Montague
112
New contributor
Alex Montague is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 5 hours ago
Alex MontagueAlex Montague
112
New contributor
Alex Montague is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 5 hours ago
Alex MontagueAlex Montague
112
New contributor
Alex Montague is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 5 hours ago
Alex MontagueAlex Montague
112
asked 5 hours ago
Alex MontagueAlex Montague
112
112
New contributor
Alex Montague is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Alex Montague is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
HTTPS should be handled by the nginx server, which should be listening on port 443. It can listen on port 80 as well, but it's best that either serve HTTP or redirect to HTTPS (port 443) as this is normal behavior. You do not need any DNS configuration. Applications will typically recognize default ports 80 as HTTP and 443 as HTTPS.
It's best that an application like nginx handle the difficulties of properly handling high performance HTTP and HTTPS so you don't need to think about those things for your web app (I.e. your Go API). Note that the connection between your Nginx and Go application shouldn't need to be HTTPS since they are both on the sample machine.
Check out this Linode guide on setting up an Nginx config for HTTPS and reverse proxy for a web application.
Also, with HTTPS, you need to have a keypair that's been signed by a proper authority (i.e. a certificate chain). Since this is something your just using for your own uses, you could be the proper authority and generate your own self signed certificate. But it also might be easiest to just use Let's Encrypt, which will leverage the fact you own the domain and issue you a valid certificate to use for your site (also explained in Linode guide).
answered 4 hours ago
Conor PatrickConor Patrick
15117
add a comment |
Your Nginx can handle the a http and https request.
Set your nginx to listen on port 80 and redirect 80 request to 443.
server
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;Add you certificate in your nginx and proxy the request coming from 443 to GO server.
server
listen 443;
ssl on;
ssl_certificate /etc/ssl/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/ssl-tutorials.key;
server_name ssl-tutorials.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location /
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_body_buffer_size 512k;
proxy_connect_timeout 180;
proxy_send_timeout 180;
proxy_read_timeout 360;
proxy_buffering off
#Proxy request to your proxy
proxy_pass http://<ip_server>:<port>;
answered 4 hours ago
RoidRamirezRoidRamirez
463
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "3"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Alex Montague is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1438240%2frunning-server-on-home-network-with-https%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
HTTPS should be handled by the nginx server, which should be listening on port 443. It can listen on port 80 as well, but it's best that either serve HTTP or redirect to HTTPS (port 443) as this is normal behavior. You do not need any DNS configuration. Applications will typically recognize default ports 80 as HTTP and 443 as HTTPS.
It's best that an application like nginx handle the difficulties of properly handling high performance HTTP and HTTPS so you don't need to think about those things for your web app (I.e. your Go API). Note that the connection between your Nginx and Go application shouldn't need to be HTTPS since they are both on the sample machine.
Check out this Linode guide on setting up an Nginx config for HTTPS and reverse proxy for a web application.
Also, with HTTPS, you need to have a keypair that's been signed by a proper authority (i.e. a certificate chain). Since this is something your just using for your own uses, you could be the proper authority and generate your own self signed certificate. But it also might be easiest to just use Let's Encrypt, which will leverage the fact you own the domain and issue you a valid certificate to use for your site (also explained in Linode guide).
answered 4 hours ago
Conor PatrickConor Patrick
15117
add a comment |
HTTPS should be handled by the nginx server, which should be listening on port 443. It can listen on port 80 as well, but it's best that either serve HTTP or redirect to HTTPS (port 443) as this is normal behavior. You do not need any DNS configuration. Applications will typically recognize default ports 80 as HTTP and 443 as HTTPS.
It's best that an application like nginx handle the difficulties of properly handling high performance HTTP and HTTPS so you don't need to think about those things for your web app (I.e. your Go API). Note that the connection between your Nginx and Go application shouldn't need to be HTTPS since they are both on the sample machine.
Check out this Linode guide on setting up an Nginx config for HTTPS and reverse proxy for a web application.
Also, with HTTPS, you need to have a keypair that's been signed by a proper authority (i.e. a certificate chain). Since this is something your just using for your own uses, you could be the proper authority and generate your own self signed certificate. But it also might be easiest to just use Let's Encrypt, which will leverage the fact you own the domain and issue you a valid certificate to use for your site (also explained in Linode guide).
answered 4 hours ago
Conor PatrickConor Patrick
15117
add a comment |
HTTPS should be handled by the nginx server, which should be listening on port 443. It can listen on port 80 as well, but it's best that either serve HTTP or redirect to HTTPS (port 443) as this is normal behavior. You do not need any DNS configuration. Applications will typically recognize default ports 80 as HTTP and 443 as HTTPS.
It's best that an application like nginx handle the difficulties of properly handling high performance HTTP and HTTPS so you don't need to think about those things for your web app (I.e. your Go API). Note that the connection between your Nginx and Go application shouldn't need to be HTTPS since they are both on the sample machine.
Check out this Linode guide on setting up an Nginx config for HTTPS and reverse proxy for a web application.
Also, with HTTPS, you need to have a keypair that's been signed by a proper authority (i.e. a certificate chain). Since this is something your just using for your own uses, you could be the proper authority and generate your own self signed certificate. But it also might be easiest to just use Let's Encrypt, which will leverage the fact you own the domain and issue you a valid certificate to use for your site (also explained in Linode guide).
answered 4 hours ago
Conor PatrickConor Patrick
15117
HTTPS should be handled by the nginx server, which should be listening on port 443. It can listen on port 80 as well, but it's best that either serve HTTP or redirect to HTTPS (port 443) as this is normal behavior. You do not need any DNS configuration. Applications will typically recognize default ports 80 as HTTP and 443 as HTTPS.
It's best that an application like nginx handle the difficulties of properly handling high performance HTTP and HTTPS so you don't need to think about those things for your web app (I.e. your Go API). Note that the connection between your Nginx and Go application shouldn't need to be HTTPS since they are both on the sample machine.
Check out this Linode guide on setting up an Nginx config for HTTPS and reverse proxy for a web application.
Also, with HTTPS, you need to have a keypair that's been signed by a proper authority (i.e. a certificate chain). Since this is something your just using for your own uses, you could be the proper authority and generate your own self signed certificate. But it also might be easiest to just use Let's Encrypt, which will leverage the fact you own the domain and issue you a valid certificate to use for your site (also explained in Linode guide).
answered 4 hours ago
Conor PatrickConor Patrick
15117
answered 4 hours ago
Conor PatrickConor Patrick
15117
answered 4 hours ago
Conor PatrickConor Patrick
15117
answered 4 hours ago
Conor PatrickConor Patrick
15117
15117
add a comment |
add a comment |
Your Nginx can handle the a http and https request.
Set your nginx to listen on port 80 and redirect 80 request to 443.
server
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;Add you certificate in your nginx and proxy the request coming from 443 to GO server.
server
listen 443;
ssl on;
ssl_certificate /etc/ssl/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/ssl-tutorials.key;
server_name ssl-tutorials.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location /
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_body_buffer_size 512k;
proxy_connect_timeout 180;
proxy_send_timeout 180;
proxy_read_timeout 360;
proxy_buffering off
#Proxy request to your proxy
proxy_pass http://<ip_server>:<port>;
answered 4 hours ago
RoidRamirezRoidRamirez
463
add a comment |
Your Nginx can handle the a http and https request.
Set your nginx to listen on port 80 and redirect 80 request to 443.
server
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;Add you certificate in your nginx and proxy the request coming from 443 to GO server.
server
listen 443;
ssl on;
ssl_certificate /etc/ssl/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/ssl-tutorials.key;
server_name ssl-tutorials.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location /
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_body_buffer_size 512k;
proxy_connect_timeout 180;
proxy_send_timeout 180;
proxy_read_timeout 360;
proxy_buffering off
#Proxy request to your proxy
proxy_pass http://<ip_server>:<port>;
answered 4 hours ago
RoidRamirezRoidRamirez
463
add a comment |
Your Nginx can handle the a http and https request.
Set your nginx to listen on port 80 and redirect 80 request to 443.
server
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;Add you certificate in your nginx and proxy the request coming from 443 to GO server.
server
listen 443;
ssl on;
ssl_certificate /etc/ssl/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/ssl-tutorials.key;
server_name ssl-tutorials.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location /
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_body_buffer_size 512k;
proxy_connect_timeout 180;
proxy_send_timeout 180;
proxy_read_timeout 360;
proxy_buffering off
#Proxy request to your proxy
proxy_pass http://<ip_server>:<port>;
answered 4 hours ago
RoidRamirezRoidRamirez
463
Your Nginx can handle the a http and https request.
Set your nginx to listen on port 80 and redirect 80 request to 443.
server
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;Add you certificate in your nginx and proxy the request coming from 443 to GO server.
server
listen 443;
ssl on;
ssl_certificate /etc/ssl/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/ssl-tutorials.key;
server_name ssl-tutorials.com;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location /
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_body_buffer_size 512k;
proxy_connect_timeout 180;
proxy_send_timeout 180;
proxy_read_timeout 360;
proxy_buffering off
#Proxy request to your proxy
proxy_pass http://<ip_server>:<port>;
answered 4 hours ago
RoidRamirezRoidRamirez
463
answered 4 hours ago
RoidRamirezRoidRamirez
463
answered 4 hours ago
RoidRamirezRoidRamirez
463
answered 4 hours ago
RoidRamirezRoidRamirez
463
463
add a comment |
add a comment |
Alex Montague is a new contributor. Be nice, and check out our Code of Conduct.
Alex Montague is a new contributor. Be nice, and check out our Code of Conduct.
Alex Montague is a new contributor. Be nice, and check out our Code of Conduct.
Alex Montague is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1438240%2frunning-server-on-home-network-with-https%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
