Week 14

Greetings, welcome to my Week 14 blog, WhiteSpace Week. This week my main objective is to enable HTTPS encryption between my server (Laptop in this case). I am using the XAMPP (XAMPP Apache + MariaDB + PHP + Perl) (a recursive acronym). Setting up HTTPS needs one very important thing, that is a certificate, normally for an open web server on the internet, this is not an issue. Since I am using a device that is not exposed to the public internet, nor do I have a public domain name at the moment, thus means that I am unable get an SSL/TLS certificate from a trusted authority (for example Let's Encrypt). Therefore I would need to generate my own Self-Signed Certificate, which uses a tool, for example OpenSSL, to generate a cert, based on a DNS name (internal). In the first picture below, I needed to create a file which listed my Subject Alternative Name (SAN) (for testing using Google Chrome). The next 2 picture shows the details of my certificate, including the public key included, the Authority (myself), and even my SAN can be decoded. In the 4th picture, I have set my Apache configuration to deliver my certificate, for every port 443 (HTTPS) request, which is needed for HTTPS. Next is to let the Raspberry Pi trust the certificate, my exporting the variable SSL_CERT_FILE, for curl to recognise the certificate. In the final picture, success! I have let curl run in verbose mode, printing out that it is using TLSv1.3 and it verified my SSL/TLS certificate is valid, making a successful HTTPS connection. Thank you very much for listening, I will be actually deploying the 2 app stacks, PHP and ASP.NET over to my cloud server next week. Stay tuned.