• If you need help or want to discuss things, you now can also join us on our Discord Server!
  • A first preview of the unlimited version of SinusBot can be found in the Upcoming Changes thread. A version for Windows will follow, but we don't have a release date, yet.

How to get SSL Certificate for my Sinusbot Webinterface

Hello!

I have a sinusbot running on a ubuntu vps. i am also using reverse proxy with nginx so i can access the sinubot with my own subdomain. Works good. I used this guide:

https://sinusbot.github.io/docs/reverse-proxy/nginx/

I used the only http method without SSL but i would like to upgrade to ssl. Do i have to buy a ssl certificate and download it or how does it work ? My hosting provider where i bought the domain from says SSL is enabled for all my domains and subdomains but i can not download a file or find a key or whatever i need. Can anyone explain the process to me please.

Kind regards
 

Justman10000

Helping Hand
Hello!

I have a sinusbot running on a ubuntu vps. i am also using reverse proxy with nginx so i can access the sinubot with my own subdomain. Works good. I used this guide:

https://sinusbot.github.io/docs/reverse-proxy/nginx/

I used the only http method without SSL but i would like to upgrade to ssl. Do i have to buy a ssl certificate and download it or how does it work ? My hosting provider where i bought the domain from says SSL is enabled for all my domains and subdomains but i can not download a file or find a key or whatever i need. Can anyone explain the process to me please.

Kind regards
You can use Certbot or acme.sh, wich request a free certificate from Let's Encrypt
 
You can use Certbot or acme.sh, wich request a free certificate from Let's Encrypt
Thank you. I will take a look at it. I am prettty new to all the linux and all that server stuff and i have to work with terminal only so it will take me some time to know what to do and how to proceed.. but im learning.
And I recommend Apache2! is simpler in terms of configuration

Alright. I will also take a look at that.

If you like, I can also configure it for you 😉

Thank you. If you can help me out that would be awesome but without me giving you access to my accounts, server or giving you any of my login credentials.
 

Jniklas2

Donor
is awesome!
Insider
Instead of nginx i can recommend caddy. It's an easy webserver, that does ssl and some basic things automatically.
 

Justman10000

Helping Hand
In my opinion it's one of the simplest configurations out there. For a reverse proxy, you only need this:

JSON:
sub.domain.example {
        reverse_proxy 10.20.30.40:11000
}
Really? Would be in Apache2 this:

Code:
<VirtualHost *:80>
    ServerName yourdomain.tld

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost *:443>
    ServerName yourdomain.tld
    DocumentRoot /home/web

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLEngine On
    SSLCertificateFile    /etc/letsencrypt/live/yourdomain.tld/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.tld/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/yourdomain.tld/fullchain.pem

    # If you do not use a proxy
    <Directory /home/web>
        AllowOverride all
        Require all granted
    </Directory>

    # If you use a proxy
    ProxyPreserveHost On

    ProxyPass / http://127.0.0.1:port/
    ProxyPassReverse / http://127.0.0.1:port/
    # If the application use websockets
    RewriteCond %{HTTP:Upgrade} =websocket
    RewriteRule /(.*) ws://localhost:port/$1 [P,L]
    RewriteCond %{HTTP:Upgrade} !=websocket
    RewriteRule /(.*) http://localhost:port/$1 [P,L]
</VirtualHost>
 

Jniklas2

Donor
is awesome!
Insider
Really? Would be in Apache2 this:

Code:
<VirtualHost *:80>
    ServerName yourdomain.tld

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost *:443>
    ServerName yourdomain.tld
    DocumentRoot /home/web

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLEngine On
    SSLCertificateFile    /etc/letsencrypt/live/yourdomain.tld/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.tld/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/yourdomain.tld/fullchain.pem

    # If you do not use a proxy
    <Directory /home/web>
        AllowOverride all
        Require all granted
    </Directory>

    # If you use a proxy
    ProxyPreserveHost On

    ProxyPass / http://127.0.0.1:port/
    ProxyPassReverse / http://127.0.0.1:port/
    # If the application use websockets
    RewriteCond %{HTTP:Upgrade} =websocket
    RewriteRule /(.*) ws://localhost:port/$1 [P,L]
    RewriteCond %{HTTP:Upgrade} !=websocket
    RewriteRule /(.*) http://localhost:port/$1 [P,L]
</VirtualHost>
Yes, Caddy does many things automatically in the background ^^. As long as it's getting a valid domain and is accessible via port 80 from the internet, it automatically creates and renews lets encrypt or zerossl certificates via the acme protocoll with HTTP-01.

My sinusbot Interface runs behind a caddy reverse proxy too ^^.
 

minini

New Member
salut tout le monde
donc pour répondre à votre question, vous devez suivre ceci
Pour obtenir un certificat SSL pour votre interface Web SinusBot, utilisez Let's Encrypt avec un outil comme Certbot . Installez Certbot, exécutez sudo certbot certonly --standalone et suivez les instructions. Mettez à jour votre configuration SinusBot pour utiliser le certificat généré et les fichiers de clé, puis redémarrez SinusBot pour appliquer les modifications.

 
Last edited:

Justman10000

Helping Hand
salut tout le monde
donc pour répondre à votre question, vous devez suivre ceci
Pour obtenir un certificat SSL pour votre interface Web SinusBot, utilisez Let's Encrypt avec un outil comme Certbot . Installez Certbot, exécutez sudo certbot certonly --standalone et suivez les instructions. Mettez à jour votre configuration SinusBot pour utiliser le certificat généré et les fichiers de clé, puis redémarrez SinusBot pour appliquer les modifications.
In English please! Besides, this has probably already been done for a long time!
 
Top