How to configure apache2 on Raspberry pi to serve https? - raspberry-pi

I am trying to use a Raspberry Pi 4 Model B as a small web server. It works fine for unsecured http, both within my home LAN and over the net. I have obtained a domain name and SSL certificate and key file. I am testing the server by accessing it within my local network using a browser and the Pi hostname. Unsecured http works fine, but making an https request results in a delay and then a "host refused to connect" message on the browser.
I have found conflicting instructions on the Web as to which Apache configuration file needs to be edited to include paths to the SSLCertificateFile and SSLCertificateKeyFile.
Within /etc/apache2 there are sites-available and sites-enabled subdirectories and more than one *.conf file, but apparently I have not edited the right one.
So, first, which is the correct configuration file to edit with the certificate paths, and second, does Apache produce a log file somewhere that would reveal any error messages produced by errors in the certificate?

I found a more complete set of instructions that showed how to add a port 443 virtual host to the default-000.conf file. It is working now.

Related

Setting up GCS for webGL clients to connect through SSL

I've been having a lot of problem to make my target setup work: hosting a headless server on GoogleCloudService, that webGL clients hosted on a platform like itch.io could connect to. I'm using Mirror and its SimpleWebTransport for connecting.
The server runs fine, and I can connect from my local server browser when SimpleWebTransport's "use WSS" and "use SSL" bools are off.
When uploading the build and running the client through itch.io tho, it's giving an error saying it needs to use WSS to connect.So I re-uploaded everything with the WSS and SSL options ticked on the SimpleWebTransport. I've also followed a guide to activate a load balancer and make an instance group so I could have a google-managed SSL certificate produced.
Now trying to connect this way gives me a new error (cf attachement).
What could I be missing setup wise? I see in the SimpleWebtransport there's a field for a path to the certificate, should I be using it and how? I do see the following error in my server's console:
FileNotFoundException: Could not find file "/home/saturn_slides_gmail_com/cert.json"
Also, is it ok that i'm using port 7778 in Mirrors' setup as well as in GCS's instance group settings? Or should i be using some other ports.
thank you !

Sideloading Word JS Addin developed on local Docker machine - Can't reach Add-in

I'm having trouble trying to side-load an add-in in MS Word, getting the error
'ADD-IN ERROR: A problem occured while trying to reach this add-in.' The add-in needs to be hosted on a local docker environment to be integrated in the rest of a web aplication.
Setup
The add-in files are hosted on a local docker machine, accessible through both an ip-address and a https://dev.local address. The add-in is reachable through Internet Explorer and Edge Chromium without any certificate errors. It doesn't matter whether I try to reach the IP address of the locally mapped dev.local, the add-in refuses to load and just crashes. I'm on Word version 2002 build 12527.20194. Another word-addin that we host externally works fine.
What i've tried
I've been messing around with the settings in Internet Explorer (moving the sites to local zone, trusted zone, enabling and disabling the protection there).
I've upgraded Edge to edge Chromium. I've tried to use the Preview of
Edge Developer Tools, but that crashes when the error occurs.
I've tried using Fiddler and activate the runtime logging, but can't get more information on what's going wrong.
I've used the Yoman validation on the manifest.xml and everything checks out.
I've also enabled loopback through CheckNetIsolation LoopbackExempt -a -n="microsoft.win32webviewhost_cw5n1h2txyewy"
I'm pretty much at a loss now: what can I do to get more information on what's crashing the add-in?
OK so I managed to finally get this to work, leaving this here for anyone who might run into the same issues.
Because the local sideloading did work, I figured we needed to emulate the localhost situation with the docker. So I instructed the virtual machine to forward localhost:3000 to the Docker Toolbox port 443. I also copied over the SSL certificates generated by Yoman in <userhome>/.office-addin-dev-certs to the Nginx docker and instructed Nginx to use those SSL certificates for port 443.
I'm not entirely sure if adapting all of the other settings (such as enabling the loopback interface and using the about:flags page to always allow https on localhost are also neccesary, maybe just emulating the webserver on localhost is enough. Hope this helps someone!

Expose Ngrok Web interface in same LAN

I have some issue to configurate Ngrok.
I have installed the Ngrok on linux CentOS server dedicated (IP 192.168.1.124), it works correctly the tunneling is ok.
My question is: how i can reach the web page on 127.0.0.1:4040 in order to check the traffic on my Ngrok server?
The web interface page is only accessible on the server where ngrok is running, but if this is a linux minimal server (without gui and any type of browser) I can't see it.
is there a way to make it accessible also in LAN?
e.g. I have another client that can reach the IP where ngrok is running but if i put on web browser http:\192.168.1.124:4040 nothing is showing.
I see from netstat that this port is not listening so isn't a firewall problem or other.
Is possible to change config of Ngrok? otherwise are there other possibilities ? do i have to use a reverse proxy or something like?
Any ideas?
thanks for your help,
Luca
Locate your ngrok's config file:
$ ngrok config check
Valid configuration file at /home/youruser/.config/ngrok/ngrok.yml
Add to the config file the following line:
web_addr: 192.168.1.124:4040
In case you want to expose it to all interfaces, you can replace that value with 0.0.0.0:4040

How to see a single html page on centOs server

I run a local server and I installed centOS on it and I can access on this server with ssh command line. I set my dns name and etc.
on my server I create a user called: 'masoud'.
then I created a index.html file. now I want to see this index.html with my ip address. on other hand how can I see this index.html file on my browser?
I tested there url's on my browser but I cannot see anything.
92.168.15.9/index.html
92.168.15.9
92.168.15.9:80/index.html
Apache (or similar webserver) is installed?
Apache (or installed webserver) is running?
index.html is in the doc root (check apache configs)
index.html has the correct permissions/owner (see error/access logs)
Check the Apache error/access logs?
If there are firewalls, are they setup to allow http traffic to/from the server?

how to view "localhost" on my iPod touch

I have a website I am building on localhost:
http://localhost/my-website
I need to test it on my iPhone, but I'm not sure how to go about it. Do I just change my httpd-vhosts.conf file, and, if so, what are the settings?
Assuming that your development machine is called my-macbook-pro, you should just be able to navigate to http://my-macbook-pro.local/mywebsite on your iPhone.
To expand slightly on Richard J. Ross III's answer, "localhost" is a name used to refer only to the local computer. In order for your iPhone to be able to access content on that machine it must:
Have an IP address on the same network as the server machine.
This can be achieved by connecting the iPhone to a wireless access point that is on the same network as the PC, or by creating an ad-hoc wireless network between the two devices.
Respond to HTTP requests from network clients.
Assuming the server and the iPhone are on the same network, it should be possible for traffic to flow between them. However in order for your web content to be visible to the iPhone, the web server must also be configured to respond to requests made to the server machine's IP address.
This is not normally a problem as web servers are commonly configured to respond to HTTP requests sent to any of the machines IP addresses. It is possible that a server could be configured to only respond to local requests, however this is not a typical default setting
How you check or modify this setting is dependent upon the HTTP server software you are using. As this information is not specified I will include instructions for Apache2 as this is a very common choice of HTTP server.
Apache's Listen Directive
Apache's main configuration file is httpd.conf and it is located in the conf subdirectory of your Apache directory. The location of your Apache root directory will vary depending upon what operating system you are using and whether or not a custom location was chosen at installation.
The httpd.conf file contains a directive named Listen which controls the interface (IP address and port) on which Apache listens for incomming HTTP requests.
The default form of this directive is commonly
Listen 80
This specifies that the machine will respond on any of it's IP addresses to requests made on port 80, which is the default port for HTTP traffic.
You can modify the Listen directive to use any address associated with the machine including the loopback address (127.0.0.1) which the name localhost resolves to.
If Apache is set up to only listen on the loopback address then your server machine will only respond to requests made on the local machine. In this configuration, your Listen directive will look something like:
Listen 127.0.0.1:80
If this is the case, you will need to change to either listening on all addresses, as in the example above, or listening only on the address used by the iPhone to communicate with the server machine.
100% working solutions
(for linux + apache + vhosts)
If you are using vhost (several sites on the same server apache) the next several tips can help you view your local websites on mobile:
1) VHOST edit -You should go to /etc/apache2/sites-available/ on your server. There can be several files .conf, each file contain a virtual host configuration for apache. Default file will look like 000-default.conf. Open it (or another one) with admin permissions sudo. In that file you should see something like this:
<VirtualHost *:80>
ServerName auction.dev
ServerAdmin test#test.com
DocumentRoot /var/www/public_html/html
ErrorLog /var/www/logs/error.log
CustomLog /var/www/logs/access.log combined
</VirtualHost>
2) XIP.IO - this special service (its totally free) can help you. You should add to .conf file next line - ServerAlias auction.dev.*.xip.io, after this operation your file will look like this:
<VirtualHost *:80>
ServerName auction.dev
ServerAlias auction.dev.*.xip.io
ServerAdmin test#test.com
DocumentRoot /var/www/public_html/html
ErrorLog /var/www/logs/error.log
CustomLog /var/www/logs/access.log combined
</VirtualHost>
After editing you should save this file and restart apache with command sudo apachectl restart.
3) View from mobile - You need to know ip of your server, in my situation ip = 192.168.1.247. Now in your mobile browser just type auction.dev.192.168.1.247.xip.io and you should see your local website.
I'm working with xampp. localhost works on port 8080.
I just find my ip with ipconfig and surf to http://10.0.0.1:8080.
That easy!
If you just want a better feel of the native behavior instead of just browser dev tools you can use the iOS simulator and type localhost:xxxx in safari app.
For OSX, go to System Preferences / Sharing. There, you can find and change the name of your computer. In the same section, you also have to enable "Internet Sharing" service with "iPhone USB" port.
Then you can view your website at http://{ computer_name }.local/my-website.
When you connect your ipod with the cable to your macbook the device appears in safari on your mac in the menu under developers. When you click this option you can see exact the same as you can on your ipod.
Following these steps worked for me:
https://mtm.dev/iphone-localhost-mac
It is based on Internet Sharing via USB and setting & using the device_name which is then used as mentioned as <device_name>.local:<port>