When developing Geonotes, I ran into the issue of Chrome not allowing non-HTTPS access to geolocation. The geonotes backend is Java, which generally implies that its robust, but needs to be tweaked a great deal for every use case -- read, not something I enjoy doing. After a brief look at available workarounds and trying a few out, I wanted to pull my hair out, but found there wasn't much left to pull. In the back of my mind somewhere, I recalled there was a way to set up an HTTPS-to-HTTP proxy, thus avoiding the need to mess with keytool and the rest of it, stunnel. Just needed to add a cronjob for certbot to renew certificates and Openssl commands to convert the issued certificate to one that the J2ee middleware likes. Without further ado, then.
Stunnel creates an proxy server on the localhost and handles the SSL to plaintext conversion. Indeed, the configuration is cake:
pid = /home/ec2-user/postgisweb/stunnel.pid cert = /home/ec2-user/postgisweb/ssl.pem [geonotes] accept = 0.0.0.0:8443 connect = 127.0.0.1:8080
8080 is my HTTP port, and I want to run SSL on 8443. The wildcard IP is necessary because we want stunnel to listen on all IP addresses on the server, but want HTTP allowed only on localhost (else there's no point in SSL in the first place). The other interesting part is that ssl.pem is constructed using cat /usr/local/etc/letsencrypt/live/hasan.d8u.us/privkey.pem /usr/local/etc/letsencrypt/live/hasan.d8u.us/fullchain.pem | tee append ~ec2-user/postgisweb/ssl.pem. Stick the command in a cron job and have it run often -- I have mine set to every 3 hours.
We verify our work, by pointing our browser to port 8443 and checking if there are SSL issues. There are not. And we're set.
Great Blog!!! Presentation was really good... thanks for sharing with us...
ReplyDeleteAndroid Training in Chennai
app development course in chennai
Android Training Institute in Chennai
Android training
Android Training in Velachery
Android training in Adyar
Python Training in Chennai
Software testing training in chennai
JAVA Training in Chennai
Awesome blog. I enjoyed reading your articles. This is truly a great read for me. I have bookmarked it and I am looking forward to reading new articles. Keep up the good work!
ReplyDeleteData Science Training Institute in Bangalore
Cool stuff you have and you keep overhaul every one of us.
ReplyDeleteData Science Course
Thanks for the informative and helpful post, obviously in your blog everything is good..
ReplyDeleteData Science Training
This article is good enough for someone to understand this amazing thing, and I'm sure everyone will appreciate these cool things.
ReplyDeleteData Science Certification
I think this is an informative and very useful and knowledgeable article. therefore, I would like to thank you for your effort in writing this article.
ReplyDelete360DigiTMG Business Analytics Course in Bangalore
very happy to find a good place for many here in the post, the writing is just great, thanks for the post.
ReplyDelete360DigiTMG Data Analytics Course in Bangalore
Honestly speaking this blog is absolutely amazing in learning the subject that is building up the knowledge of every individual and enlarging to develop the skills which can be applied in to practical one. Finally, thanking the blogger to launch more further too.
ReplyDeleteData Science Course in Bhilai
Fantastic blog extremely good well enjoyed with the incredible informative content which surely activates the learners to gain the enough knowledge. Which in turn makes the readers to explore themselves and involve deeply in to the subject. Wish you to dispatch the similar content successively in future as well.
ReplyDeleteData Science Training in Bangalore
Now is the perfect time to plan for the future and now is the time to be happy. I have read this article and if I can I want to suggest some interesting things or suggestions to you. Perhaps you could write future articles that reference this article. I want to know more!
ReplyDeleteData Science Institutes in Bangalore
Really wonderful blog completely enjoyed reading and learning to gain the vast knowledge. Eventually, this blog helps in developing certain skills which in turn helpful in implementing those skills. Thanking the blogger for delivering such a beautiful content and keep posting the contents in upcoming days.
ReplyDeleteDigital Marketing Training in Bangalore
This comment has been removed by the author.
ReplyDeleteI enjoyed the coursework, the presentations, the classmates and the teachers. And because my company reimbursed 100% of the tuition, the only cost I had to pay on my own was for books and supplies. Otherwise, I received a free master's degree. All I had to invest was my time.
ReplyDeleteDigital Marketing Course in Bangalore
Cloud Computing has been the stage for emerging technologies and an increase in career opportunities for both fresher and professional.
ReplyDeleteCloud Computing Course Fees in Bangalore
Hi, Thanks for sharing nice articles....
ReplyDeleteDDA RTI Online
This is an awesome motivational article. I am practically satisfied with your excellent work. You put really extremely useful data. Keep it up like this. Keep blogging. Looking forward to reading your next post
ReplyDeleteData Science Training in Erode
Nice blog
ReplyDeleteData Science Course
Cooperating with Slotegrator also streamlines the due diligence process by sustaining relationships with recreation content developers, who typically require less documentation 카지노 from our shoppers. Some recreation developers offer slot tournaments the place gamers have a limited variety of money or spins and compete with each other for a prize. Tournaments may be mixed with free spins — operators unwilling to offer a money prize pool can offer free spins instead. With correct promotion, tournaments have confirmed to extend player engagement. Players who prefer to make regular deposits and guess big are a important segment that operators should care about — that’s the place VIP packages come in in}. They are tiered loyalty packages that offer increasing rewards, advantages, and perks as gamers climb the levels of this system.
ReplyDelete