1. General
  2. Ideas
+2

Use letsencrypt wildcard with ubooquity

Dennis Slagers 5 years ago 0

Today I tried to use a wildcard letsencrypt certificate with ubooquity but with the manuals provided I got an SSL error.

So I dug into some other stuff I had lying around and came up with following


step 1

openssl pkcs12 -export -in /export/certificate/domainname.cer -inkey /export/certificate/domainname.key -out /home/comics/keystore.p12 -name ubooquity
-CAfile /export/certificate/fullchain.cer -caname root

Step 2

keytool -importkeystore -deststorepass password -destkeypass password -destkeystore /home/comics/keystore -srckeystore keystore.p12 -srcstoretype PKCS12 -alias ubooquity

When asked for a password enter a password you have used before in these lines. You need this later as well when removing or recreating a keystore

now you are ready to enter the keystore info in the config of ubooquity

/home/comics/keystore

and enter the password


in the log you will see SSL is enabled

com.ubooquity.d.e - HTTPS activated
20181112 22:14:51 [Thread-18] INFO org.eclipse.jetty.server.Server - jetty-9.4.0.v20161208
20181112 22:14:51 [Thread-18] INFO o.e.j.server.handler.ContextHandler - Started o.e.j.s.h.ContextHandler@17549ad2{/,null,AVAILABLE,@admin}
20181112 22:14:51 [Thread-18] INFO o.e.j.server.handler.ContextHandler - Started o.e.j.s.h.ContextHandler@3affabdb{/,null,AVAILABLE,@library}
20181112 22:14:51 [Thread-18] INFO o.e.jetty.util.ssl.SslContextFactory - x509=X509@2142c9e8(ubooquity,h=[],w=[aroundtheworld.net]) for SslContextFactory@527618b1(file:///home/dennis/comics/keystore,null)
20181112 22:14:51 [Thread-18] INFO o.e.jetty.server.AbstractConnector - Started library@11f693b3{SSL,[ssl, http/1.1]}{0.0.0.0:2202}
20181112 22:14:51 [Thread-18] INFO o.e.jetty.server.AbstractConnector - Started admin@7e136c36{SSL,[ssl, http/1.1]}{0.0.0.0:2203}
20181112 22:14:51 [Thread-18] INFO org.eclipse.jetty.server.Server - Started @461079ms


if this is not working, modify the json to remove the keystore info and restart to go back to http


Maybe this can be helpful for some


btw I do not do scripting as I need to manually adjust stuff in my VM's ;-)

Customer support service by UserEcho