Dear fellows,
I am experimenting with making Pi* use HTTPS in order to prevent recent browsers from displaying warning messages about self signed certificates etc Has anyone come up with a solution to that? May extending the config options to allow for upload of certificates?
For public use I normally have a reverse proxy in place but for the HotSpot at home this seems quite overkill - though possible....
vy73 de Florian DF2ET
Make Pi* HTTPS capable
Re: Make Pi* HTTPS capable
Run an https proxy in nginx that then connects to Pi-Star's web interface running on the loopback interface.
Re: Make Pi* HTTPS capable
Moin Florian,
Now not only is my browser satisfied with the setup, no, I am also pleased that the login password for pi-star is securely transmitted. I would be interested in feedback on how you got along with my video documentation.
vy 73 de Micha, DD0UL
I had the same problem. And I solved it for my hotspot: the nginx is now doing https, a redirect from port 80 to 443 and all my computers in the shack accept the pi-star certificate. The whole magic is around this certificate. I show how it is created and maintained in a video on Youtube on my amateur radio channel there. The video is in German, but you can use Youtube's automatic translation function for subtitlesDF2ET wrote: ↑Fri Jun 25, 2021 11:21 am Dear fellows,
I am experimenting with making Pi* use HTTPS in order to prevent recent browsers from displaying warning messages about self signed certificates etc Has anyone come up with a solution to that? May extending the config options to allow for upload of certificates?
For public use I normally have a reverse proxy in place but for the HotSpot at home this seems quite overkill - though possible....
vy73 de Florian DF2ET
Now not only is my browser satisfied with the setup, no, I am also pleased that the login password for pi-star is securely transmitted. I would be interested in feedback on how you got along with my video documentation.
vy 73 de Micha, DD0UL
Re: Make Pi* HTTPS capable
Hi Micha,
tnx. Found the video on https://www.youtube.com/watch?v=uI-W_Ocn-v0.
Will implement for my Hotspot.
mni tnx es vy73 de Florian DF2ET
tnx. Found the video on https://www.youtube.com/watch?v=uI-W_Ocn-v0.
Will implement for my Hotspot.
mni tnx es vy73 de Florian DF2ET
Re: Make Pi* HTTPS capable
I have this solution running for some permanent sites. But for a portable HotSpot it doesn't make sense to have a separate box as proxy imho. I will try to go with DD0UL's description he posted eralier.
Re: Make Pi* HTTPS capable
Moin,
vy 73 de Micha, DD0UL
OMG, I really forgot the link to the video? The most important part in my postingDF2ET wrote: ↑Sun Jun 27, 2021 9:55 am Hi Micha,
tnx. Found the video on https://www.youtube.com/watch?v=uI-W_Ocn-v0.
Will implement for my Hotspot.
mni tnx es vy73 de Florian DF2ET
vy 73 de Micha, DD0UL