-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support SSL domains #5
Comments
The proposed API to support SSL virtual hosts: $ dokku domains:setssl APP CERT_NAME DOMAIN1 [DOMAIN2 ...] Which corresponds to a SSL cert file located at This is mostly working in the develop branch... https://github.com/wmluke/dokku-domains-plugin/blob/develop/commands#L34 Thoughts? |
This looks perfect to me. How exactly do I need to setup SSL for this to work though? (sorry i'm new to SSL). I know I need to generate a CSR and get the certificate, but do I need to do all that in the |
I know only enough about generating SSL certs to be dangerous, so I don't want to give you the wrong advise. Basically, you need to decide if a self-signed cert will do or if you need a CA signed cert. Browsers will emit security warnings for the former, but you'll have to pay $$ for the latter. For CA's, I've used Start SSL b/c they are so cheap and seem trust worthy enough. But there are plenty of alternatives. In either case, once you're through the process, just be careful where and how you store and transfer your private certs. Keep it secret. Keep it safe. CA's:
References:
Good Luck! |
And yes, once you have the certs in hand, you'll need to put them in Ref: http://nginx.org/en/docs/http/configuring_https_servers.html I'll include more detailed instructions in the readme, once I've had more time to test and iron out the command api. |
Do I need to do any other SSL setup after I get the certificate if I put my certificate etc in the Update: After a server restart it is now working! Yay! |
@JoshuaNovak919 For all my dev/testing I use http://cacert.org/ Free, supported by most browsers, etc... For production I use one of a few 'big name' providers. @wmluke: Implementation looks good. I'll check out dev and let you know in a few minutes |
Closing b/c #15. |
Support SSL enabled virtual host configurations and a nice way to map hostnames to SSL certificates.
The text was updated successfully, but these errors were encountered: