|
I have a small webserver running on a Raspberry Pi in my house that does some home automation. I have it set up with Apache2 normal authentication and a weird port number, which I know is Not Good Enough. What is the easiest and cheapest way to get SSL working without any of those scary web browser messages about unknown certificates? I don't think I can just put these files on a web host and expect the home automation to keep working. I have a domain name from AlpsNames that is cname'd to a dynamic dns provider, if that is helpful information.
|
# ¿ Apr 6, 2016 17:16 |
|
|
# ¿ May 5, 2024 12:25 |
|
OSI bean dip posted:Seconding this. If you're running a website in 2016 without SSL, you're a buffoon. So if I have https running (and http disabled), and have directory-level authentication with apache, I'm pretty much good to go, then? Just keep it updated and refresh my cert every week, and everything should be golden?
|
# ¿ Apr 6, 2016 19:46 |
|
Let's say I have a page with sensitive information on an Apache server. The server is running https-only and the sensitive information requires a login and password for access. An iOS user is frustrated because Safari won't just store the login details, so the iOS user must enter the login information manually every time. How much less secure is it to just make the resource accessible by entering an extremely long gibberish-filled URL? Let's ignore factors related to the iOS device, like losing the device or the device being compromised.
|
# ¿ Mar 19, 2017 20:54 |
|
wolrah posted:Why won't the iOS device save the credentials? I'd fix that rather than trying to make an obscured URL. I used Let's Encrypt. Chrome on my Android phone saves the password no problem, as do Chrome and Firefox on my desktop computer, but iOS refuses to do it. I get the nice green "Secure" lock when I visit the page in Chrome. I have no experience with iOS, so I don't know what the cause is.
|
# ¿ Mar 19, 2017 21:09 |