VPS Letsencrypt certificate paths/location?

vps

#1

Hi folks, I’ve got a mediawiki 1.33 install (manual not one-click since one-click is only version 1.32) and my database imported as transferred from a different host provider. I ran the various maintenance scripts, update, tested and everything is running great. I’m currently in the process of getting the Visual Editor extension set up and it too is running great after maintenance update. This required a node parsoid (0.10.0) service developer module which is up and running.

However, parsoid runs on http by default which works perfectly but also triggers mixed content warnings, so in order to run parsiod over https, I have installed stunnel in my user directory (could see it was already running on the server but without sudo couldn’t figure out how to configure it so went for a local install to configure) and I cannot figure out how to specify the paths to my Letsencrypt certificates… I have searched the forums and the Dreamhost documentation and can find nothing about this.

I am not familiar with stunnel, but I see my other option might be to use it to create some certificates for parsoid to run over https. Would be nice though to just use Letsencrypt if someone can provide a clue as to how to determine the paths to my certs? I have looked in the default location for them /etc/letsencrypt/live//fullchain.pem but there appears to be no /etc/letsencrypt/ folder and I’m at a bit of a loss. Thoughts? Clues on how to proceed?

Thanks in advance


#2

When you turn on HTTPS in your Manage Domains DH pannel, the LetsEncrypt cert installs automatically in the .well-known/ directory which is hidden by design.


#3

If you are still experiencing mixed content warnings…

• Read all info at your host concerning certificates & switching to HTTPS and when applicable, follow those instructions.

• Install security certificate.

• Have your host enable HTTPS (if needed.) This will enable access from both HTTP & HTTPS allowing normal access while you test.

• Go through site, page by page & make sure all file paths are relative (no protocol.) Test by accessing site using HTTPS and look for any browser alerts.

• Edit any absolute paths to HTTPS

• Install 301 code in .htaccess file

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] 

#4

I’m not familiar with Parsiod, but DH recommends running Node.js services under Passenger. With this setup, the web server handles HTTPS/certs/etc. Another alternative might be to setup the web server to reverse-proxy the Parsiod service (again the web server would handle HTTPS).

Running Node.js services via Passenger:


#6

Yes, I forced it to load https via .htaccess which seemed to work, thanks. The rest was already done. :slight_smile:


#7

Great, saved me a few steps. After writing to the htaccess to force https the mixed content warnings are now gone.


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.