Skip to content
Start building
Star on GitHub
48K
 Start building
Back

How to add HTTPS to a new self-hosted Digital Ocean Droplet.

  • 0
  • Self Hosted
  • Web
View on Discord
rajeshmone
17 Jun, 2023, 22:27

How can I add https to a new self-hosted digital ocean droplet. http link to the ip address shows "Not secure" on the chrome browser and using HTTPS gives a error NET::ERR_CERT_AUTHORITY_INVALID on chrome. Also, I am not planning to add a domain to it and keep using the ip in the mobile application. Is this ok to do ? Although, the project this appwrite droplet supports can have a domain in the future.

TL;DR
The user is asking how to add HTTPS to a new self-hosted Digital Ocean Droplet. They mention that they have read the documentation but are looking for more in-depth steps. They also ask about setting up SSL certificates and renewing them, as well as whether it is possible to secure their app without a domain. The solution is to issue an SSL certificate for the domain associated with the Digital Ocean Droplet. They can use a service like Let's Encrypt and install certbot on their Linux server. This will allow them to obtain an SSL certificate for their domain and set up auto-renewal. It is recommended to issue an
Drake
17 Jun, 2023, 23:26

You don't have a domain yet?

safwan
18 Jun, 2023, 04:41

It's always recommended to issue an SSL cert to a domain, and not to an IP address.

safwan
18 Jun, 2023, 04:41

Using the IP is not an issue technically, it's just a matter of best practice imo.

safwan
18 Jun, 2023, 04:42

Also, you lose the functionality of sub-domains without a domain

safwan
18 Jun, 2023, 04:42

Here's a stackoverflow post: https://stackoverflow.com/questions/2043617/is-it-possible-to-have-ssl-certificate-for-ip-address-not-domain-name

rajeshmone
19 Jun, 2023, 07:42

yes, I do not have a domain yet.

rajeshmone
19 Jun, 2023, 07:48

The entire concept of "issuing ssl" is new to me. I saw that LetsEncrypt issues it for 90 days and it needs to be renewed after that but not how it is renewed. And also is certificate something that is saved on server ? I wanted a simple solution so I can secure my appwrite instance and go back to creating apps which is my strong suit.

safwan
19 Jun, 2023, 07:51

Ah okay. Well, SSL certificates are usually issued to a domain, and not the IP address it's mapped to.

So if you have a a domain example.com that points to 1.2.3.4, you can get an SSL cert for example.com but not for 1.2.3.4..

As for the Let's Encrypt certificates, it depends on how you install them initially. You're right that certificates are stored on the server. There is a service called certbot that can be installed on Linux, which issues Let's Encrypt certificates for the domain of your choice, and even sets up auto-renewal.

rajeshmone
19 Jun, 2023, 08:43

Edited and created a new reply to refer to above response.

rajeshmone
19 Jun, 2023, 08:44

A little out of context question : On one of my other projects, my web developer added a godaddy domain to Cloudflare and some A and CNAME entries into the DNS there and set "Allow only https" option on Cloudflare to YES which converted all http requests on browser to https. Did Cloudflare setup the ssl in that case.

safwan
19 Jun, 2023, 08:57

Probably yes.

rajeshmone
19 Jun, 2023, 10:05

I think there should be one recommended and fully documented way to setup Appwrite for production including backing up db, and then let the users decide if they want to follow it or set it in their own way.

safwan
19 Jun, 2023, 10:22

https://appwrite.io/docs/self-hosting

rajeshmone
19 Jun, 2023, 10:29

I have read those docs, I am talking about getting more in-depth steps.

safwan
19 Jun, 2023, 10:39

I'm not quite sure what you mean... 😅

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more