Make Pi* HTTPS capable

Suggest new features here
Locked
DF2ET
Posts: 3
Joined: Tue Jun 15, 2021 8:08 am

Make Pi* HTTPS capable

Post by DF2ET »

Dear fellows,

I am experimenting with making Pi* use HTTPS in order to prevent recent browsers from displaying warning messages about self signed certificates etc Has anyone come up with a solution to that? May extending the config options to allow for upload of certificates?
For public use I normally have a reverse proxy in place but for the HotSpot at home this seems quite overkill - though possible....

vy73 de Florian DF2ET
K2IE
Posts: 124
Joined: Mon Aug 20, 2018 5:24 pm
Contact:

Re: Make Pi* HTTPS capable

Post by K2IE »

Run an https proxy in nginx that then connects to Pi-Star's web interface running on the loopback interface.
dd0ul
Posts: 7
Joined: Tue Jul 17, 2018 8:20 am

Re: Make Pi* HTTPS capable

Post by dd0ul »

Moin Florian,
DF2ET wrote: Fri Jun 25, 2021 11:21 am Dear fellows,

I am experimenting with making Pi* use HTTPS in order to prevent recent browsers from displaying warning messages about self signed certificates etc Has anyone come up with a solution to that? May extending the config options to allow for upload of certificates?
For public use I normally have a reverse proxy in place but for the HotSpot at home this seems quite overkill - though possible....

vy73 de Florian DF2ET
I had the same problem. And I solved it for my hotspot: the nginx is now doing https, a redirect from port 80 to 443 and all my computers in the shack accept the pi-star certificate. The whole magic is around this certificate. I show how it is created and maintained in a video on Youtube on my amateur radio channel there. The video is in German, but you can use Youtube's automatic translation function for subtitles

Now not only is my browser satisfied with the setup, no, I am also pleased that the login password for pi-star is securely transmitted. I would be interested in feedback on how you got along with my video documentation.

vy 73 de Micha, DD0UL
DF2ET
Posts: 3
Joined: Tue Jun 15, 2021 8:08 am

Re: Make Pi* HTTPS capable

Post by DF2ET »

Hi Micha,

tnx. Found the video on https://www.youtube.com/watch?v=uI-W_Ocn-v0.
Will implement for my Hotspot.

mni tnx es vy73 de Florian DF2ET
DF2ET
Posts: 3
Joined: Tue Jun 15, 2021 8:08 am

Re: Make Pi* HTTPS capable

Post by DF2ET »

K2IE wrote: Fri Jun 25, 2021 4:53 pm Run an https proxy in nginx that then connects to Pi-Star's web interface running on the loopback interface.
I have this solution running for some permanent sites. But for a portable HotSpot it doesn't make sense to have a separate box as proxy imho. I will try to go with DD0UL's description he posted eralier.
dd0ul
Posts: 7
Joined: Tue Jul 17, 2018 8:20 am

Re: Make Pi* HTTPS capable

Post by dd0ul »

Moin,
DF2ET wrote: Sun Jun 27, 2021 9:55 am Hi Micha,

tnx. Found the video on https://www.youtube.com/watch?v=uI-W_Ocn-v0.
Will implement for my Hotspot.

mni tnx es vy73 de Florian DF2ET
OMG, I really forgot the link to the video? The most important part in my posting :-)

vy 73 de Micha, DD0UL
Locked