Apache 2 to protect non ssl webserver application - webserver

Is it possible whit apache2 and letsencrypt protect a non-ssl web aplication ? like redirect http://port to https all protected whit already instaled ssl certificate.
the web aplication dont have ssl option and is on ubuntu18.

Related

What is the best way to secure your backend code with SSL?

I am newbie here. Trying to set up an end to end service running.
Here is my scenario:
frontend is hosted in heroku.
backend is spring-boot and server is hosted in AWS.
My backend service has integrated the facebook Oauth2 login, for which I must provide a redirect URL which is https. To handle that I created a self signed certificate and secured my backend service with the same.
Everything is working fine till here except the security warning users will get in the browser as the certificate is self signed. AFAIK I must get a CA root certificate to avoid this. but to get the CA root certificate i need to provide the domain i will be protecting. For the backend server there is no domain, it will just be a static ip.
Can someone please guide me as to what is the correct approach here ?

http tp https forward some requests in haproxy

Currently all traffic is coming to backend servers, which is running on port 80. However we want to redirect some pages to https. This means that whenever the customer hits on login page, logout page present in the website. It should be redirected to https.
When a customer hits on the login button it redirect to https but using haproxy it doesn't work.
https://XXXXXXXX.com/customer/account/login/
We have already installed ssl in both the servers.
However, redirection is not working from http to https.
Please suggest what I should try.
It would be best to use HAproxy to terminate the SSL and talk to the backend servers via HTTP rather than having both HAproxy and the webserver doing SSL.
There is a good SSL setup tutorial here https://www.digitalocean.com/community/tutorials/how-to-implement-ssl-termination-with-haproxy-on-ubuntu-14-04

How can enable https with fb_ca_chain_bundle.crt for a facebook app in Apache 2 server?

How can enable https with fb_ca_chain_bundle.crt for a facebook app in Apache 2 server ?
Basically I have this file, how can I set up my apache 2 to use this cert?

cacert ssl certificate for servers hosting secure facebook applications

I want to install the cacert ssl certificate on a server on which i want to host secure (https) facebook applications .I want to know if facebook allows https server to have cacert certificate to fetch facebook app
Yes. As long as you have a valid browser cert you will be fine. I have specifically used GoDaddy's ca certificate chain with a secure Facebook app with no difficulty.
For the majority of cheap shared hosting environments you don't necessarily need to purchase individual ssl as long as the server has a shared SSL as discussed here.

SSL details of installation, connection & authorization for iphone

I don't have SSL on server side i am using microsoft IIS Server. I want to make the access secured with Https & SSL with my iphone application can anyone send me the details what to do & what are the requirements. I am new in both iphone & SSL