How can I configure Let's Encrypt either mannually or Certbot to work with G-WAN web server?

My domain is:
bookthatfreight.com

My web server is (include version):
G-WAN Web App. Server v7

The operating system my web server runs on is (include version):
Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster

My hosting provider, if applicable, is:
n/a

I can login to a root shell on my machine:
yes

I’m using a control panel to manage my site:
n/a

The version of my client is (output of certbot --version):
certbot 0.31.0

  1. G-Wan web server works corectly on HTTP
  2. Certbot installed corectly: certbot certonly --standalone
  3. Certificates installed successfully: /etc/letsencrypt/live/bookthatfreight.com
1 Like

It appears that G-WAN doesn’t support SSL termination at all.

The manual does not make any mention of it, and this (quite old) answer from the author of the project seems to back that up.

You will have to stick another TLS-capable server in front of G-WAN (e.g. haproxy, nginx, stunnel, whatever).

1 Like

The user manual does “mention” TLS/SSL; but fails to show a working example.
No more is known than the cert sub-directory is used for it:
http://www.gwan.com/archives/gwan_linux.pdf

From page 7:
image

From page 12:
image

1 Like

I did see the reference to the certs folder, but I think it’s a complete dead end. Might be left over from the time when the author says they had an experimental implementation.

When you actually run the server, it doesn’t even check whether the directory exists (looking at strace). Neither does the certs string appear in its un-upx'd binary.

1 Like

Agreed.
The software’s last release was six years ago.
One would need to either add to the open source code or choose another web server.
Or, as you suggested, put it behind a TLS capable proxy.
[but I think doing that would defeat the purpose of this software]

BTW it is “cert” not “certs”

1 Like