• If you need help or want to discuss things, you now can also join us on our Discord Server!
  • A first preview of the unlimited version of SinusBot can be found in the Upcoming Changes thread. A version for Windows will follow, but we don't have a release date, yet.

How to get SSL Certificate for my Sinusbot Webinterface

C

Computerjul

Member
Hello!

I have a sinusbot running on a ubuntu vps. i am also using reverse proxy with nginx so i can access the sinubot with my own subdomain. Works good. I used this guide:

https://sinusbot.github.io/docs/reverse-proxy/nginx/

I used the only http method without SSL but i would like to upgrade to ssl. Do i have to buy a ssl certificate and download it or how does it work ? My hosting provider where i bought the domain from says SSL is enabled for all my domains and subdomains but i can not download a file or find a key or whatever i need. Can anyone explain the process to me please.

Kind regards
 
J

Justman10000

Helping Hand
Computerjul said:
Hello!

I have a sinusbot running on a ubuntu vps. i am also using reverse proxy with nginx so i can access the sinubot with my own subdomain. Works good. I used this guide:

https://sinusbot.github.io/docs/reverse-proxy/nginx/

I used the only http method without SSL but i would like to upgrade to ssl. Do i have to buy a ssl certificate and download it or how does it work ? My hosting provider where i bought the domain from says SSL is enabled for all my domains and subdomains but i can not download a file or find a key or whatever i need. Can anyone explain the process to me please.

Kind regards
Click to expand...
You can use Certbot or acme.sh, wich request a free certificate from Let's Encrypt
 
C

Computerjul

Member
Justman10000 said:
You can use Certbot or acme.sh, wich request a free certificate from Let's Encrypt
Click to expand...
Thank you. I will take a look at it. I am prettty new to all the linux and all that server stuff and i have to work with terminal only so it will take me some time to know what to do and how to proceed.. but im learning.
Justman10000 said:
And I recommend Apache2! is simpler in terms of configuration
Click to expand...

Alright. I will also take a look at that.

Justman10000 said:
If you like, I can also configure it for you 😉
Click to expand...

Thank you. If you can help me out that would be awesome but without me giving you access to my accounts, server or giving you any of my login credentials.
 
Jniklas2

Jniklas2

Donor
is awesome!
Insider
Instead of nginx i can recommend caddy. It's an easy webserver, that does ssl and some basic things automatically.
 
J

Justman10000

Helping Hand
Jniklas2 said:
In my opinion it's one of the simplest configurations out there. For a reverse proxy, you only need this:

JSON: 
sub.domain.example {
        reverse_proxy 10.20.30.40:11000
}
Click to expand...
Really? Would be in Apache2 this:

Code: 
<VirtualHost *:80>
    ServerName yourdomain.tld

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost *:443>
    ServerName yourdomain.tld
    DocumentRoot /home/web

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLEngine On
    SSLCertificateFile    /etc/letsencrypt/live/yourdomain.tld/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.tld/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/yourdomain.tld/fullchain.pem

    # If you do not use a proxy
    <Directory /home/web>
        AllowOverride all
        Require all granted
    </Directory>

    # If you use a proxy
    ProxyPreserveHost On

    ProxyPass / http://127.0.0.1:port/
    ProxyPassReverse / http://127.0.0.1:port/
    # If the application use websockets
    RewriteCond %{HTTP:Upgrade} =websocket
    RewriteRule /(.*) ws://localhost:port/$1 [P,L]
    RewriteCond %{HTTP:Upgrade} !=websocket
    RewriteRule /(.*) http://localhost:port/$1 [P,L]
</VirtualHost>
 
Jniklas2

Jniklas2

Donor
is awesome!
Insider
Justman10000 said:
Really? Would be in Apache2 this:

Code: 
<VirtualHost *:80>
    ServerName yourdomain.tld

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost *:443>
    ServerName yourdomain.tld
    DocumentRoot /home/web

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLEngine On
    SSLCertificateFile    /etc/letsencrypt/live/yourdomain.tld/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.tld/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/yourdomain.tld/fullchain.pem

    # If you do not use a proxy
    <Directory /home/web>
        AllowOverride all
        Require all granted
    </Directory>

    # If you use a proxy
    ProxyPreserveHost On

    ProxyPass / http://127.0.0.1:port/
    ProxyPassReverse / http://127.0.0.1:port/
    # If the application use websockets
    RewriteCond %{HTTP:Upgrade} =websocket
    RewriteRule /(.*) ws://localhost:port/$1 [P,L]
    RewriteCond %{HTTP:Upgrade} !=websocket
    RewriteRule /(.*) http://localhost:port/$1 [P,L]
</VirtualHost>
Click to expand...
Yes, Caddy does many things automatically in the background ^^. As long as it's getting a valid domain and is accessible via port 80 from the internet, it automatically creates and renews lets encrypt or zerossl certificates via the acme protocoll with HTTP-01.

My sinusbot Interface runs behind a caddy reverse proxy too ^^.
 
You must log in or register to reply here.
Top