KiwiIRC icon indicating copy to clipboard operation
KiwiIRC copied to clipboard

Published 20 hours ago verified publisher icon prawnsalad

Let’s Encrypt cert

Open Indjov opened this issue 8 years ago • 8 comments

Someone Were you able to go kiwiirc with such a certificate and how you did it to let go?

Indjov avatar Aug 30 '16 11:08 Indjov

Hello,

you can setup a reverse proxy for that task:

https://kiwiirc.com/docs/installing/proxies

Do you want KiwiIRC on a domain/subdomain directly or on a subfolder ?

ghost avatar Aug 30 '16 12:08 ghost

Yeah , i want it on my domain name ;)

Indjov avatar Aug 30 '16 13:08 Indjov

This config below will work (Nginx example) :

server {
   listen 443;
   server_name kiwi.example.com;
   ssl on;
   ssl_protocols TLSv1.2;
   ssl_certificate /etc/letsencrypt/live/kiwi.example.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/kiwi.example.com/privkey.pem;
   location / {
   proxy_pass http://localhost:7778/kiwi/;
   }
}

I haven't put the complete options for ssl, like the dhparams etc. But you can check and secure your SSL connection with https://www.ssllabs.com/ssltest/index.html

ghost avatar Aug 30 '16 13:08 ghost

You can use Mozilla's config generator for that: https://mozilla.github.io/server-side-tls/ssl-config-generator/

Defman21 avatar Sep 13 '16 19:09 Defman21

@Indjov in config.js make sure you have the following:

ssl_key: "/etc/letsencrypt/live/yourdomain.com/privkey.pem",
ssl_cert: "/etc/letsencrypt/live/yourdomain.com/cert.pem",
ssl_ca: "/etc/letsencrypt/live/yourdomain.com/chain.pem"

johnange avatar Jan 01 '17 17:01 johnange

On my server those files are in: /usr/local/psa/var/modules/letsencrypt/etc/liveexample.com

Then my configuration is:

Example SSL server block conf.servers.push({ port: 7777, address: "0.0.0.0",

    ssl:   true,
    ssl_key: "/usr/local/psa/var/modules/letsencrypt/etc/live/example.com/server.key",
    ssl_cert: "/usr/local/psa/var/modules/letsencrypt/etc/live/example.com/cert.pem",
     ssl_ca: "/usr/local/psa/var/modules/letsencrypt/etc/live/example.com/chain.pem"
});

But the page is left blank loading and from there it does not pass.

rhodwulf avatar May 02 '17 04:05 rhodwulf 

server {
   listen 443;
   server_name kiwi.example.com;
   ssl on;
   ssl_protocols TLSv1.2;
   ssl_certificate /etc/letsencrypt/live/kiwi.example.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/kiwi.example.com/privkey.pem;
   location / {
   proxy_pass https://kiwi.example.com:7777;
   }
}

Do it like that for SSL and avoid the port number in the url.

DuR4c3ll avatar Feb 28 '18 10:02 DuR4c3ll

Charge port to 443 or the port number has to be a part of the url.

How should the browser know that you are using non default port for https otherwise?

Regards Johan

On Feb 28, 2018 11:58, "DuR4c3ll" [email protected] wrote:

Hello, I have everything installed and working but I have one issue that is vexing me. I do not want to see the port number in the browser url. I'd like it to be like so:

https://mysubdomain.site.com/ https://mysubdomain.site.com/

Instead of: https://mysubdomain.site.com:7777 https://mysubdomain.site.com:7777

If it helps I am using Nginx and I have fiddled but I just cannot get it to work.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/prawnsalad/KiwiIRC/issues/895#issuecomment-369204006, or mute the thread https://github.com/notifications/unsubscribe-auth/AAzHJ-i4SIcOeBlDFe6aENZ16iN4Kvd1ks5tZTFJgaJpZM4Jwa1F .

jryberg avatar Feb 28 '18 16:02 jryberg