Questions setting up HTTPS for self-hosted server


#1

Hi all,

I recently built out some web infrastructure for a small company, which is hosted on an on-prem server. The server has a Linux VM with XAMPP (Apache) and uses port-forwarding to route the domain and sub-domains to the various sites and services built.

For the ecommerce site to accept payments through Stripe, we need to make the site run HTTPS with a cert. Currently we use Dyn for DNS service, so the ecommerce site can be publicly accessed even now at nwenergydirect.com or the Dyn domain (buildintel.webhop.biz:48504). I am wondering how to go about setting up this cert chain, how to get certs for this stack, and how to make sure it works with our top-level domain provider.

iPage is the top-level domain provider for nwenergydirect.com

Basically, we can either make HTTPS work with our current setup that relies on Dyn and port-forwarding, which seems unlikely, or we can get rid of Dyn and port-forwarding and somehow have the top-level domain point straight to my Apache virtualhost. This would simplify the cert chain.

Tell me what to do, ask any question. Help is appreciated so that this small business can start making sales through ecommerce.

Kellan


#2

Hi @GelLiNN

your setup can’t work ( https://check-your-website.server-daten.de/?q=nwenergydirect.com ):

These are your publicly visible IP addresses:

| Host | T | IP-Address | is auth. | ∑ Queries | ∑ Timeout |
|---|---|---|---|---|---|
| nwenergydirect.com | A | 66.96.149.29 | yes | 1 | 0 |
| | AAAA | | yes | | |
| www.nwenergydirect.com | A | 66.96.149.29 | yes | 1 | 0 |
| | AAAA | | yes | | |

That

| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| http://nwenergydirect.com/ (66.96.149.29) | 200 | | 0.220 | H |
| http://www.nwenergydirect.com/ (66.96.149.29) | 200 | | 0.207 | H |
| https://nwenergydirect.com/ (66.96.149.29) | 200 | | 1.290 | I |
| https://www.nwenergydirect.com/ (66.96.149.29) | 200 | | 1.030 | I |
| http://nwenergydirect.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de (66.96.149.29) | 404 Not Found | | 0.210 | A |
| http://www.nwenergydirect.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de (66.96.149.29) | 404 Not Found | | 0.214 | A |

looks - first watch - good. But there is a frame

```html
<html><HEAD>

</HEAD><FRAMESET border='0' ROWS='*,1'> <FRAME SRC='http://buildintel.webhop.biz:48504'><FRAME SRC='blank.html'> </FRAMESET> </html>
```

so there is no content.

You can use dns-01 validation to create a certificate, then you don’t need a running webserver. But with that setup you can’t use http-01 validation.

Check
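A check for the frame-forwarding situation described in the reply above, as an added example that is not part of the original thread: it parses the HTML a domain returns and lists frames that load the real site from another host. An http-01 validation request goes to the address the domain name resolves to and never follows a frame, so a non-empty result means the challenge file would have to be served by the forwarding host, not by the framed server. The function names are hypothetical, and the sample body is the frameset quoted in the post.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Sample input: the frameset body quoted in the post above.
SAMPLE_BODY = (
    "<html><HEAD>\n</HEAD><FRAMESET border='0' ROWS='*,1'> "
    "<FRAME SRC='http://buildintel.webhop.biz:48504'>"
    "<FRAME SRC='blank.html'> </FRAMESET> </html>"
)


class FrameCollector(HTMLParser):
    """Collect the src of every <frame>/<iframe> (HTMLParser lowercases names)."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag in ("frame", "iframe"):
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)


def frame_forward_targets(domain, body):
    """Return (host, port) for each frame served by a host other than `domain`."""
    collector = FrameCollector()
    collector.feed(body)
    targets = []
    for src in collector.sources:
        parts = urlsplit(src)
        if not parts.hostname:  # relative URL such as blank.html: same host
            continue
        host = parts.hostname.lower()
        if host in (domain, "www." + domain):
            continue
        port = parts.port or (443 if parts.scheme == "https" else 80)
        targets.append((host, port))
    return targets


def http01_reaches_origin(domain, body):
    """False when the page is only a frame around another host's content."""
    return not frame_forward_targets(domain, body)


if __name__ == "__main__":
    for host, port in frame_forward_targets("nwenergydirect.com", SAMPLE_BODY):
        print(f"content is framed from {host}:{port}; http-01 will not follow it")
```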