Textpattern CMS support forum

You are not logged in. Register | Login | Help

#11 2018-08-29 15:34:41

bici
Member
From: vancouver
Registered: 2004-02-24
Posts: 1,315
Website

Re: http to https in textpattern


# BEGIN Textpattern
#DirectoryIndex index.php index.html
#Options +FollowSymLinks
#Options -Indexes
#ErrorDocument 403 default
<IfModule mod_rewrite.c>
    RewriteEngine On
    #RewriteBase /relative/web/path/
    RewriteCond %{HTTPS} !=on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^(.+) - [PT,L]
    RewriteCond %{REQUEST_URI} !=/favicon.ico
    RewriteRule ^(.*) index.php
    RewriteCond %{HTTP:Authorization}  !^$
    RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization}]
</IfModule>
<IfModule mod_mime.c>
    AddType image/svg+xml  svg svgz
    AddEncoding gzip       svgz
</IfModule>
# END Textpattern

Last edited by bici (2018-08-29 15:45:23)


…. texted postive

Offline

#12 2018-08-29 15:47:04

bici
Member
From: vancouver
Registered: 2004-02-24
Posts: 1,315
Website

Re: http to https in textpattern

P.S.
Today when i tried it again it complained of not having an certificate.
I thought that the code was a way of doing secure sites without teh certificate. perhaps i am wrong


…. texted postive

Offline

#13 2018-08-29 17:25:40

jakob
Moderator
From: Germany
Registered: 2005-01-20
Posts: 3,159
Website

Re: http to https in textpattern

If you use https, you definitely need a certificate or it will complain. This method is just a way of making non-http visits to your homepage switch to using https:

I’d also put back the blank lines between the different directives in your htaccess file, even if it’s just for readability. Each set of conditions applies to the rule beneath it.


TXP Builders – finely-crafted code, design and txp

Online

#14 2018-08-29 17:29:04

gaekwad
Member
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 2,379

Re: http to https in textpattern

bici wrote #313692:

P.S. Today when i tried it again it complained of not having an certificate.
I thought that the code was a way of doing secure sites without teh certificate. perhaps i am wrong

That’s very likely it – the redirect needs a certificate for it to work.

Offline

#15 2018-08-29 23:58:14

bici
Member
From: vancouver
Registered: 2004-02-24
Posts: 1,315
Website

Re: http to https in textpattern

gaekwad wrote #313698:

That’s very likely it – the redirect needs a certificate for it to work.

ok. for some reason i thought it was to take place of an SSL Certificate

Now await what Webfaction will do about implementing a CP based solution with Lets Encrypt.


…. texted postive

Offline

#16 2018-08-30 09:03:07

jakob
Moderator
From: Germany
Registered: 2005-01-20
Posts: 3,159
Website

Re: http to https in textpattern

bici wrote #313707:

ok. for some reason i thought it was to take place of an SSL Certificate

Now await what Webfaction will do about implementing a CP based solution with Lets Encrypt.

You might have to wait a long time! This method does work, though.


TXP Builders – finely-crafted code, design and txp

Online

#17 2018-08-30 15:18:53

Destry
Moderator
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,020
Website

Re: http to https in textpattern

I’m trying to just update my certs using the manual method I’ve been using for WebFaction and getting problems now. When adding the --debug directive, it just spits out tons of lines I can’t make heads or tales of.

The method I’ve been following is Greg Brown’s acme-wf, which isn’t as advanced as the one mentioned below in terms of running the cert requests once for all sites on the same domain, but that doesn’t really bother me.

One thing it says there under ‘Usage, (1)’:

Note you’ll need to set up your site to serve the files in /path/to/webroot/.well-known at http://example.com/.well-known.

I don’t have .well-known anywhere and I don’t remember having to set that up before.

jakob wrote #313717:

This method does work, though.

I’m looking at that, but I don’t even know where to begin. Does anyone have an idiot’s version for someone who’s got expired certs done manually?


The text persuades, the *notes prove。

Offline

#18 2018-08-31 10:31:44

Destry
Moderator
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,020
Website

Re: http to https in textpattern

jakob wrote #313717:

This method does work, though.

I’m going to try and get my head around this today. If successful, I’ll draft up my own notes on it. These github resources, from the devs, all make a certain degree of assumptions about what the user of the docs knows or has experience with. It’s not always from there own lens of the world. Layman’s rewrite’s are often appreciated. I certainly do appreciate them. And sometimes that simply means writing simple 1, 2, 3, process with the exact cut/paste commands needed. I can follow that kind of thing.


The text persuades, the *notes prove。

Offline

#19 2018-08-31 13:12:53

Destry
Moderator
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,020
Website

Re: http to https in textpattern

Jakob (or anyone who knows),

I think you’ve succeed with the Will-n-Wi method for WebFaction. So far I’m making my way through, but if I may ask…

In the ~/letsencrypt_webfaction.toml config file there’s a number of custom settings that need made. I’m unsure on this one:

[[certificate]]
# The list of domains for which the cert should be issued. The first will be the common name.
domains = [
  "domain.tld",
  "www.domain.tld",
  "sub1.domain.tld",
  "www.sub1.domain.tld",
  "sub2.domain.tld",
  "www.sub2.domain.tld"
]

First, is that [[certificate]] line a placeholder for something I need to change or just a variable marker I can ignore? I think it’s the latter, because further down in the file is a place to add the name= of the ssl cert as existing in the WF dashboard (assuming you want to use the same one), so I’m guessing [[certificate]] is just getting populated by what’s designated in name=?

Second, I’m assuming that’s the correct way to list all sites for a given domain, including the www subdomains if you have it setup that way in the dashboard and are using Class B domain designations? (i.e. no ‘www’).

Third, at bottom of the .toml config file is another place for a ‘second certificate’. I’m guessing that’s only if you had another domain (i.e. domain2.tld). It’s not actually saying I have to create a new cert for each of the subdomains listed above? (I hope not).


The text persuades, the *notes prove。

Offline

#20 2018-08-31 13:53:26

Destry
Moderator
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,020
Website

Re: http to https in textpattern

I think this info about updating the LE WebFaction ruby gems answers my first two questions. It shows an example there of what it should look like in the config file:

[[certificate]]
domains = [
  "example.com",
  "www.example.com",
  "test.example.com"
]
public = "~/webapps/myapp/"
name = "mycertname"

So that seems to be what I was expecting.

And now I’m almost positive I don’t need the second [[certificate]] block either, since I’m not working with a second domain name right now.

But, never fear… I have new questions. ;)

First, in the config file again, there’s a block for setting the path to webapp roots, and it gives examples like:

~/webapps/myapp/public_html

My webapps have paths like this, ~/webapps/wion,. So what is this ‘public_html’ thing about? Do I have to put a directory called that in the wappapp root for each site? Scratch that, again the example at top seems to clarify no ‘public_html’ is needed, so the default config file is a little confusing as provided. (And why it pays to write one’s own notes after experimentation.)

Second, moving beyond the config file, the command to generate the certs (test or real) is

letsencrypt_webfaction [cmd] [*args]

Where [cmd] options are init and run. But do I use them both? One or the other? It doesn’t say nor describes either one. I don’t want to just start blasting commands experimentally and blow up my neighbourhood.


The text persuades, the *notes prove。

Offline

Board footer

Powered by FluxBB