{"id":1145,"date":"2024-03-13T09:33:43","date_gmt":"2024-03-13T08:33:43","guid":{"rendered":"https:\/\/contecon.de\/picapportwiki\/?page_id=1145"},"modified":"2024-03-13T09:36:45","modified_gmt":"2024-03-13T08:36:45","slug":"configuration-of-the-picapport-server-for-ssl-with-letsencrypt","status":"publish","type":"page","link":"https:\/\/contecon.de\/picapportwiki\/configuration-of-the-picapport-server-for-ssl-with-letsencrypt\/","title":{"rendered":"Configuration of the PicApport Server for SSL with Letsencrypt"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"1145\" class=\"elementor elementor-1145\">\n\t\t\t\t<div class=\"elementor-element elementor-element-13c4d49 e-flex e-con-boxed e-con e-parent\" data-id=\"13c4d49\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-7e97619 elementor-widget elementor-widget-heading\" data-id=\"7e97619\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.19.0 - 07-02-2024 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h2 class=\"elementor-heading-title elementor-size-default\">Configuration of the PicApport Server for SSL with Letsencrypt<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-96da545 elementor-widget elementor-widget-text-editor\" data-id=\"96da545\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.19.0 - 07-02-2024 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<div class=\"confluence-information-macro-body\"><p>The following documentation is for a PicApport version which will be available for our beta testers in late summer 2019.<\/p><p>Who would like to take part in this test simply write a mail to <a class=\"external-link\" href=\"mailto:info@picapport.de\" rel=\"nofollow\">info@picapport.de<\/a><\/p><\/div>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fa266e5 elementor-widget elementor-widget-heading\" data-id=\"fa266e5\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Background Information<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-345ebcd elementor-widget elementor-widget-text-editor\" data-id=\"345ebcd\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The offline mode of PicApport is supported by modern browsers only for SSL connections. The keyword here is &#8222;<em>progressive Web App&#8220;<\/em> (PWA).<\/p><p>PicApport uses depending on the configuration either:<\/p><ul><li>Application Cache (AppCache)<\/li><li>or the more modern <em>&#8222;service workers&#8220;<\/em>.<\/li><\/ul><p>The effort and the costs for private users and small companies to equip servers with a valid certificate via DynDns is relatively high.<\/p><p><a class=\"external-link\" href=\"https:\/\/letsencrypt.org\/\" rel=\"nofollow\">https:\/\/letsencrypt.org\/<\/a> offers a solution via the standardized ACME protocol which we have implemented from version 7.6.x in PicApport.<\/p><p><em><strong>The goal is:<\/strong><\/em><\/p><ul><li>Configure SSL once in PicApport for Letsencrypt<br \/><br \/><\/li><li>Once configured, PicApport automatically updates the certificates <br \/>Everything works fully automatic.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-87178bd elementor-widget elementor-widget-heading\" data-id=\"87178bd\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Configuration<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-be9df20 elementor-widget elementor-widget-text-editor\" data-id=\"be9df20\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The following diagram shows how to configure SSL for Letsencrypt:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4aa0de8 elementor-widget elementor-widget-image\" data-id=\"4aa0de8\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.19.0 - 07-02-2024 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/03\/PicApport-Homeserver-with-Lets-Encrypt-EN-1024x576.jpg\" class=\"attachment-large size-large wp-image-1147\" alt=\"\" srcset=\"https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/03\/PicApport-Homeserver-with-Lets-Encrypt-EN-1024x576.jpg 1024w, https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/03\/PicApport-Homeserver-with-Lets-Encrypt-EN-300x169.jpg 300w, https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/03\/PicApport-Homeserver-with-Lets-Encrypt-EN-768x432.jpg 768w, https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/03\/PicApport-Homeserver-with-Lets-Encrypt-EN-1536x864.jpg 1536w, https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/03\/PicApport-Homeserver-with-Lets-Encrypt-EN-800x450.jpg 800w, https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/03\/PicApport-Homeserver-with-Lets-Encrypt-EN.jpg 1920w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-686d3e1 elementor-widget elementor-widget-text-editor\" data-id=\"686d3e1\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>As shown in the picture above, 5 parameters must be entered in the<em><strong> picapport.properties<\/strong><\/em>. After a restart of the server everything should be set up automatically.<\/p><p>The Letsencrypt activities are documented in the log files under <em>de.contecon.picapport.security.utils.LetsEncryptService::<\/em> (from version 7.6 also queryable via the web interface if you are authorized)<\/p><div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\"><div class=\"codeContent panelContent pdl\"><div><div id=\"highlighter_447138\" class=\"syntaxhighlighter sh-confluence nogutter  text\"><table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tbody><tr><td class=\"code\"><div class=\"container\" title=\"Hint: double-click to select code\"><div class=\"line number1 index0 alt2\"><code class=\"text plain\">MSG\u00a0 @ 02:53:53.040 de.contecon.picapport.security.utils.LetsEncryptService:: OK: valid certificate found. No renew necessary.<\/code><\/div><div class=\"line number2 index1 alt1\"><code class=\"text plain\">MSG\u00a0 @ 02:53:55.008 de.contecon.picapport.security.utils.LetsEncryptService:: UPDATE: certificate expired.Tue Jul 09 02:53:55 CEST 2019-Mon Oct 07 02:53:55 CEST 2019<\/code><\/div><div class=\"line number3 index2 alt2\"><code class=\"text plain\">MSG\u00a0 @ 02:53:55.008 de.contecon.picapport.security.utils.LetsEncryptService:: UPDATE: no matched entries in keystore found<\/code><\/div><div class=\"line number4 index3 alt1\"><code class=\"text plain\">MSG\u00a0 @ 02:53:55.008 de.contecon.picapport.security.utils.LetsEncryptService:: UPDATE: starting renew<\/code><\/div><div class=\"line number5 index4 alt2\"><code class=\"text plain\">MSG\u00a0 @ 02:53:56.571 de.contecon.picapport.security.utils.LetsEncryptService:: UPDATE: challenge accepted<\/code><\/div><div class=\"line number6 index5 alt1\"><code class=\"text plain\">MSG\u00a0 @ 02:53:59.008 de.contecon.picapport.security.utils.LetsEncryptService:: OK: challenge has been completed<\/code><\/div><\/div><\/td><\/tr><\/tbody><\/table><\/div><\/div><\/div><\/div><div class=\"confluence-information-macro confluence-information-macro-warning conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"warning\"><p class=\"title\">Important notice<\/p><div class=\"confluence-information-macro-body\"><p><em><strong>server.port<\/strong><\/em> and<em><strong> server.letsencrypt.challenge.port<\/strong><\/em> can be chosen freely.<br \/>However, it must be ensured that the challenge port can always be reached from &#8222;outside&#8220; via port 80.<\/p><p>This is a default of Letsencrypt and cannot be changed.<\/p><p>Please also note that port numbers &lt; 1024 under Linux (incl. Apple) are so-called privileged ports and must be handled accordingly.<br \/>see also: <a class=\"external-link\" href=\"https:\/\/stackoverflow.com\/questions\/413807\/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux\" rel=\"nofollow\">https:\/\/stackoverflow.com\/questions\/413807\/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux<\/a><\/p><\/div><\/div>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-a1df470 e-flex e-con-boxed e-con e-parent\" data-id=\"a1df470\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Configuration of the PicApport Server for SSL with Letsencrypt The following documentation is for a PicApport version which will be available for our beta testers in late summer 2019. Who would like to take part in this test simply write a mail to info@picapport.de Background Information The offline mode of PicApport is supported by modern [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1145","page","type-page","status-publish","hentry","entry"],"_links":{"self":[{"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/pages\/1145","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/comments?post=1145"}],"version-history":[{"count":4,"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/pages\/1145\/revisions"}],"predecessor-version":[{"id":1150,"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/pages\/1145\/revisions\/1150"}],"wp:attachment":[{"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/media?parent=1145"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}