{"id":358,"date":"2024-02-14T14:54:31","date_gmt":"2024-02-14T13:54:31","guid":{"rendered":"https:\/\/contecon.de\/picapportwiki\/?page_id=358"},"modified":"2024-02-14T14:56:34","modified_gmt":"2024-02-14T13:56:34","slug":"konfiguration-des-picapport-servers-fuer-ssl-mit-letsencrypt","status":"publish","type":"page","link":"https:\/\/contecon.de\/picapportwiki\/konfiguration-des-picapport-servers-fuer-ssl-mit-letsencrypt\/","title":{"rendered":"Konfiguration des PicApport Servers f\u00fcr SSL mit Letsencrypt"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"358\" class=\"elementor elementor-358\">\n\t\t\t\t<div class=\"elementor-element elementor-element-ac29195 e-flex e-con-boxed e-con e-parent\" data-id=\"ac29195\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-050ded0 elementor-widget elementor-widget-heading\" data-id=\"050ded0\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.19.0 - 07-02-2024 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h2 class=\"elementor-heading-title elementor-size-default\">Konfiguration des PicApport Servers f\u00fcr SSL mit Letsencrypt<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-7f8d9ba e-flex e-con-boxed e-con e-parent\" data-id=\"7f8d9ba\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-75d5281 elementor-widget elementor-widget-heading\" data-id=\"75d5281\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Hintergrund Information<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-d67debb e-flex e-con-boxed e-con e-parent\" data-id=\"d67debb\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-b695802 elementor-widget elementor-widget-text-editor\" data-id=\"b695802\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.19.0 - 07-02-2024 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p>Der Offline Modus von PicApport wird von modernen Browsern nur noch f\u00fcr SSL Verbindungen unterst\u00fctzt. Stichwort hierzu ist &#8222;<em>progressive Web App<\/em>&#8220; (PWA).<\/p><p>PicApport nutzt hierf\u00fcr je nach Konfiguration entweder:<\/p><ul><li>Application Cache (AppCache)<\/li><li>oder die moderneren &#8222;Service Worker&#8220;<\/li><\/ul><p>Der Aufwand und die Kosten f\u00fcr Privatanwender und kleine Firmen Server \u00fcber DynDns mit einem g\u00fcltigen Zertifikat auszustatten ist relativ hoch.<\/p><p><a class=\"external-link\" href=\"https:\/\/letsencrypt.org\/\" rel=\"nofollow\">https:\/\/letsencrypt.org\/<\/a>\u00a0bietet hier eine L\u00f6sung \u00fcber das standardisierte ACME Protokoll welches wir ab Version 7.6.x in PicApport implementiert haben.<\/p><p><em><strong>Ziel hierbei ist:<\/strong><\/em><\/p><ul><li>SSL einmalig in PicApport f\u00fcr Letsencrypt zu konfigurieren<br \/><br \/><\/li><li>Einmal konfiguriert sorgt PicApport automatisch f\u00fcr die Aktualisierung der Zertifikate<br \/>Alles funktioniert voll automatisch.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-5b78967 e-flex e-con-boxed e-con e-parent\" data-id=\"5b78967\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-9a57c2e elementor-widget elementor-widget-heading\" data-id=\"9a57c2e\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Konfiguration<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-277e29c e-flex e-con-boxed e-con e-parent\" data-id=\"277e29c\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-ff13208 elementor-widget elementor-widget-text-editor\" data-id=\"ff13208\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Das folgende Schaublid zeigt wie SSL f\u00fcr Letsencrypt konfiguriert wird:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-2b7a99e e-flex e-con-boxed e-con e-parent\" data-id=\"2b7a99e\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-a7127ee elementor-widget elementor-widget-image\" data-id=\"a7127ee\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.19.0 - 07-02-2024 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/02\/PicApport-Homeserver-mit-Lets-Encrypt-DE-1024x576.jpg\" class=\"attachment-large size-large wp-image-360\" alt=\"\" srcset=\"https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/02\/PicApport-Homeserver-mit-Lets-Encrypt-DE-1024x576.jpg 1024w, https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/02\/PicApport-Homeserver-mit-Lets-Encrypt-DE-300x169.jpg 300w, https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/02\/PicApport-Homeserver-mit-Lets-Encrypt-DE-768x432.jpg 768w, https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/02\/PicApport-Homeserver-mit-Lets-Encrypt-DE-1536x864.jpg 1536w, https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/02\/PicApport-Homeserver-mit-Lets-Encrypt-DE-800x450.jpg 800w, https:\/\/contecon.de\/picapportwiki\/wp-content\/uploads\/2024\/02\/PicApport-Homeserver-mit-Lets-Encrypt-DE.jpg 1920w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-6264405 e-flex e-con-boxed e-con e-parent\" data-id=\"6264405\" data-element_type=\"container\" data-settings=\"{&quot;content_width&quot;:&quot;boxed&quot;}\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-726a026 elementor-widget elementor-widget-text-editor\" data-id=\"726a026\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Wie im obigen Bild ersichtlich m\u00fcssen 5 Parameter in die\u00a0<em><strong>picapport.properties<\/strong><\/em>\u00a0eingetragen werden. Nach einem Neustart des Servers sollte alles automatisch eingerichtet werden.<\/p><p>Die Letsencrypt-Aktivit\u00e4ten werden in den Logdateien unter\u00a0<em>de.contecon.picapport.security.utils.LetsEncryptService::<\/em>\u00a0dokumentiert (ab Version 7.6 auch \u00fcber die Weboberfl\u00e4che abfragbar wenn man berechtigt ist)<\/p><div class=\"code panel pdl conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"code\"><div class=\"codeContent panelContent pdl\"><div><div id=\"highlighter_680899\" class=\"syntaxhighlighter sh-confluence nogutter  text\"><table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tbody><tr><td class=\"code\"><div class=\"container\" title=\"Hint: double-click to select code\"><div class=\"line number1 index0 alt2\"><code class=\"text plain\">MSG\u00a0 @ 02:53:53.040 de.contecon.picapport.security.utils.LetsEncryptService:: OK: valid certificate found. No renew necessary.<\/code><\/div><div class=\"line number2 index1 alt1\"><code class=\"text plain\">MSG\u00a0 @ 02:53:55.008 de.contecon.picapport.security.utils.LetsEncryptService:: UPDATE: certificate expired.Tue Jul 09 02:53:55 CEST 2019-Mon Oct 07 02:53:55 CEST 2019<\/code><\/div><div class=\"line number3 index2 alt2\"><code class=\"text plain\">MSG\u00a0 @ 02:53:55.008 de.contecon.picapport.security.utils.LetsEncryptService:: UPDATE: no matched entries in keystore found<\/code><\/div><div class=\"line number4 index3 alt1\"><code class=\"text plain\">MSG\u00a0 @ 02:53:55.008 de.contecon.picapport.security.utils.LetsEncryptService:: UPDATE: starting renew<\/code><\/div><div class=\"line number5 index4 alt2\"><code class=\"text plain\">MSG\u00a0 @ 02:53:56.571 de.contecon.picapport.security.utils.LetsEncryptService:: UPDATE: challenge accepted<\/code><\/div><div class=\"line number6 index5 alt1\"><code class=\"text plain\">MSG\u00a0 @ 02:53:59.008 de.contecon.picapport.security.utils.LetsEncryptService:: OK: challenge has been completed<\/code><\/div><\/div><\/td><\/tr><\/tbody><\/table><\/div><\/div><\/div><\/div><div class=\"confluence-information-macro confluence-information-macro-warning conf-macro output-block\" data-hasbody=\"true\" data-macro-name=\"warning\"><p class=\"title\">Wichtiger Hinweis<\/p><div class=\"confluence-information-macro-body\"><p><em><strong>server.port<\/strong><\/em>\u00a0sowie\u00a0<strong><em>server.letsencrypt.challenge.port<\/em><\/strong>\u00a0k\u00f6nnen frei gew\u00e4hlt werden.<br \/>Allerdings muss sichergestellt sein, das der Challenge-Port von &#8222;au\u00dfen&#8220; immer \u00fcber Port 80 erreicht werden kann.<\/p><p>Das ist eine Vorgabe von Letsencrypt und kann nicht ver\u00e4ndert werden.<\/p><p>Bitte auch beachten das Portnummern &lt; 1024 unter Linux (incl. Apple) sogenannte\u00a0<em><strong>Priviliged ports<\/strong><\/em>\u00a0sind und entsprechend behandelt werden m\u00fcssen.<br \/>siehe hierzu auch:\u00a0<a class=\"external-link\" href=\"https:\/\/stackoverflow.com\/questions\/413807\/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux\" rel=\"nofollow\">https:\/\/stackoverflow.com\/questions\/413807\/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux<\/a><\/p><\/div><\/div>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Konfiguration des PicApport Servers f\u00fcr SSL mit Letsencrypt Hintergrund Information Der Offline Modus von PicApport wird von modernen Browsern nur noch f\u00fcr SSL Verbindungen unterst\u00fctzt. Stichwort hierzu ist &#8222;progressive Web App&#8220; (PWA). PicApport nutzt hierf\u00fcr je nach Konfiguration entweder: Application Cache (AppCache) oder die moderneren &#8222;Service Worker&#8220; Der Aufwand und die Kosten f\u00fcr Privatanwender und [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-358","page","type-page","status-publish","hentry","entry"],"_links":{"self":[{"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/pages\/358","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/comments?post=358"}],"version-history":[{"count":4,"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/pages\/358\/revisions"}],"predecessor-version":[{"id":363,"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/pages\/358\/revisions\/363"}],"wp:attachment":[{"href":"https:\/\/contecon.de\/picapportwiki\/wp-json\/wp\/v2\/media?parent=358"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}