I'm trying to run OpenHAB, which is open-source home automation software (for those who don't want to give away their privacy to Google or Amazon). It installs and runs on 127.0.0.1:8080.
I already have certbot providing an SSL cert to my domain (Linux computer running Apache). But, when I try to do https://stellar7.org:8080, I get
Secure Connection Failed
An error occurred during a connection to stellar7.org:8080. SSL received a record that exceeded the maximum permissible length.
Error code: SSL_ERROR_RX_RECORD_TOO_LONG
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
I don't know anything about certificates or SSL but I can follow instructions.
Thanks for the quick reply. I’m hosting multiple personal sites on this computer so I’m using /etc/apache2/sites-available. Here’s the relevant site config file:
<VirtualHost *:80>
ServerName www.stellar7.org
Redirect "/" "https://stellar7.org"
</VirtualHost>
<VirtualHost *:80>
ServerName stellar7.org
Redirect "/" "https://stellar7.org"
</VirtualHost>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin admin@stellar7.org
ServerName stellar7.org
ServerAlias www.stellar7.org
DocumentRoot /var/www/stellar7.org/public_html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =stellar7.org
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/menoo.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/menoo.org/privkey.pem
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
It seems like OpenHAB suggested you to use a reverse proxy to proxy requests to https.
I don’t think it’s feasible to install certificate and reload/restart your OpenHAB manually every 2 months. It might just be easier to use Apache to reverse proxy your instance to 443(or any other ports than 8443, 8080. since it’s been taken by OpenHAB) and configure certificate.
Curious: Checking your port 8080 there is no answer via "check-your-website", but my browser has an answer.
http://stellar7.org:8080/
works.
So if this is your http port, you may need another port to use https. I don't know if openHAB supports two protocols on the same port (some programs do).