Koozali.org: home of the SME Server

Letencrypt and Password Protected Ibay - password required outside local network

Offline MarkR

  • **
  • 56
  • +0/-0
Hi All,

I have installed letsencrypt with no issues and all appears to be working ok, apart from if I select to Password protect the Ibay via the server manager

The apache authentication appears but the certificate is invalid?? (your connection is not private etc etc.)

Once past the apache authentication and on the actual website, the certificate then displays as Valid.

What could be causing this??  is the only way around this to create .htaccess .htpasswd on the ibay itself.

Hope this makes sense.

Many thanks in advance.
Mark

...

Offline ReetP

  • *
  • 3,722
  • +5/-0
Hi All,

I have installed letsencrypt with no issues and all appears to be working ok, apart from if I select to Password protect the Ibay via the server manager

The apache authentication appears but the certificate is invalid?? (your connection is not private etc etc.)

Once past the apache authentication and on the actual website, the certificate then displays as Valid.

What could be causing this?? 

Good question as I don't see it myself. But that proves nothing much.

What version of letsencrypt are you running:

Code: [Select]
rpm -qa |grep letsencrypt
rpm -qa |grep dehydrated

Quote
is the only way around this to create .htaccess .htpasswd on the ibay itself.

Don't, at least for now..... that may cause other issues. Better to try and nail this one.

Quote
Hope this makes sense.

Not yet, but it may in time :-)

...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline MarkR

  • **
  • 56
  • +0/-0
Hi Reetp,

smeserver-letsencrypt-0.4-4.noarch
dehydrated-0.5.0-3.el6.sme.noarch

Many thanks
...

Offline ReetP

  • *
  • 3,722
  • +5/-0
I'll try to remember to have more of a look at this tomorrow.

Ran out of time today.... and busy tomorrow morning.
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline MarkR

  • **
  • 56
  • +0/-0
I'll try to remember to have more of a look at this tomorrow.

Ran out of time today.... and busy tomorrow morning.

Superb, Many thanks Reetp :-)
...

Offline MarkR

  • **
  • 56
  • +0/-0
A little more info on my setup

Server Name : server.local -> primary Ibay ( not used, noo SSL setup )
Virtual Domain : www.website.com -> Ibay1  -  SSL cert working on site
Virtual Doamin : www.website2.com -> Ibay2  -  SSL cert working on site

Server-manager password protect Ibay2 - Apache Authentication ** NOT Secure **.

thanks in advance
Mark
...

Offline ReetP

  • *
  • 3,722
  • +5/-0
A little more info on my setup
Server Name : server.local -> primary Ibay ( not used, noo SSL setup )


OK - I can see this now. Have it on my main box when accessing a password enabled Internet wide ibay. And my box has letsencrypt enabled for the main domain too.

No idea I'm afraid. I can only guess that when it uses password authentication it somehow uses the original self signed certificate.

I'll see if someone else pops up with a solution. We may need to bug on this.
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline ReetP

  • *
  • 3,722
  • +5/-0
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline warren

  • *
  • 291
  • +0/-0
A little more info on my setup

Server Name : server.local -> primary Ibay ( not used, noo SSL setup )
Virtual Domain : www.website.com -> Ibay1  -  SSL cert working on site
Virtual Doamin : www.website2.com -> Ibay2  -  SSL cert working on site

Server-manager password protect Ibay2 - Apache Authentication ** NOT Secure **.

thanks in advance
Mark

what happens if you set Ibay2 to : Force secure connections : Enabled

Offline ReetP

  • *
  • 3,722
  • +5/-0
what happens if you set Ibay2 to : Force secure connections : Enabled

Mine already was ;-)

So that doesn't work.....
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation