elective-stereophonic
elective-stereophonic
Setting up SSL/Https on a public node
Please login or register.

Login with username, password and session length
Advanced search  

News:

Latest Stable Nxt Client: Nxt 1.11.15 | Latest Experimental Nxt Client: Nxt 1.12.0e

Pages: 1 [2]  All

Author Topic: Setting up SSL/Https on a public node  (Read 12132 times)

Tosch110

  • Hero Member
  • *****
  • Karma: +211/-18
  • Offline Offline
  • Posts: 2365
    • View Profile
Re: Setting up SSL/Https on a public node
« Reply #20 on: July 14, 2015, 12:32:34 pm »

Hello! To set up my Nxt node with SSL I am following these rules:

http://wiki.nxtcrypto.org/wiki/How-To:UseSslCerts

(I have a CA certified certificate)

When trying to get the keystore file, I get the following error:

keytool -importkeystore -srckeystore mycert.pkcs12 -srcstoretype PKCS12 -destkeystore keystore

Enter destination keystore password:
Re-enter new password:
Enter source keystore password:

keytool error: java.io.IOException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded

Somebody has an idea what the reason is?

kinjo

  • Newbie
  • *
  • Karma: +0/-0
  • Offline Offline
  • Posts: 1
    • View Profile
Re: Setting up SSL/Https on a public node
« Reply #21 on: July 08, 2016, 10:02:48 am »

i'm getting
ERR_CONNECTION_CLOSED  ???
Logged

VanBreuk

  • Hero Member
  • *****
  • Karma: +362/-19
  • Offline Offline
  • Posts: 2772
    • View Profile
Re: Setting up SSL/Https on a public node
« Reply #22 on: July 08, 2016, 11:08:07 am »

There is another topic (right beside this one) with steps to configure SSL on a public node: https://nxtforum.org/public-nodes-vpss/method-to-configure-https-for-nxt-public-nodes/
Logged
GPG Fingerprint: B020 D1C1 F289 3B2C 3577  9EAD 455D D175 5913 C7F1

box1413

  • Hero Member
  • *****
  • Karma: +101/-4
  • Offline Offline
  • Posts: 687
    • View Profile
Re: Setting up SSL/Https on a public node
« Reply #23 on: January 26, 2017, 10:07:26 pm »

this is an old post, but is there a new "easier" method of enabling https? I currently have a vps with lets encrypt installed and working on my domain, but totally unsure how to link it up with nxt nrs?
Logged

VanBreuk

  • Hero Member
  • *****
  • Karma: +362/-19
  • Offline Offline
  • Posts: 2772
    • View Profile
Re: Setting up SSL/Https on a public node
« Reply #24 on: January 27, 2017, 01:21:28 am »

this is an old post, but is there a new "easier" method of enabling https? I currently have a vps with lets encrypt installed and working on my domain, but totally unsure how to link it up with nxt nrs?

See the post I shared right above - https://nxtforum.org/public-nodes-vpss/method-to-configure-https-for-nxt-public-nodes/

It works precisely with Letsencrypt/Certbot.
Logged
GPG Fingerprint: B020 D1C1 F289 3B2C 3577  9EAD 455D D175 5913 C7F1

theghost1980

  • Newbie
  • *
  • Karma: +0/-0
  • Offline Offline
  • Posts: 9
    • View Profile
Re: Setting up SSL/Https on a public node
« Reply #25 on: February 10, 2017, 10:50:31 pm »

Hello there I know this is an old post. But I need some guide.
Recently I've been playing a bit with the servers installation, so far i have 2 running already, but without SSL.

I would like to get this clear, so excuse my Dumbs question.
Quoting the following:
nxt.keyStorePath=keystore
nxt.keyStorePassword=<same password you provided in (b)>
nxt.apiSSL=true

I want to know some things:
1. I guess keystore, is the reference for the keys storages, which means All the keys I created they will be there. There is only one path right? What makes each key / certificate different is the password and the alias?

2. The field  nxt.keyStorePassword = <same password you provided in (b)>, must be filled just as follows?
      nxt.keyStorePassword = 12345678 (giving that strong pass as an example)
      Or Do I have to add = "12345678" or = [12345678] or = ["12345678"]

So far I've been able to create 2 keys and tests them, as you can see in the info bellow:

ubuntu@ip-172-31-5-120:/usr/bin$ keytool -list -v -keystore keystore
Enter keystore password: 

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: mykey
Creation date: Feb 10, 2017
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=52.56.53.167:7876, OU=NTX TheGhost, O=NXT, L=London, ST=England, C=GB
Issuer: CN=52.56.53.167:7876, OU=NTX TheGhost, O=NXT, L=London, ST=England, C=GB
Serial number: 252635fc
Valid from: Fri Feb 10 21:55:17 UTC 2017 until: Thu May 11 21:55:17 UTC 2017
Certificate fingerprints:
    MD5:  C2:C6:A9:86:91:89:0F:27:44:3A:69:92:0A:7C:7D:45
    SHA1: 56:03:F7:6C:FB:1B:F9:19:47:E3:FF:44:A0:22:EC:B3:09:B7:60:03
    SHA256: E1:EE:4E:0F:43:E7:D7:B6:45:5D:C4:23:EB:7E:BF:93:CE:3D:C0:F0:15:50:A2:41:14:8D:5B:83:2C:95:EB:CC
    Signature algorithm name: SHA1withDSA
    Version: 3

Extensions:

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 27 BF 87 22 57 BC FB E1   6F 2C 26 73 95 AA 7B 83  '.."W...o,&s....
0010: 04 CE 84 C2                                        ....
]
]

So this is why I'm asking some guide here. I've tried filling the .conf file but not results I keep getting this error:
"keytool error: java.io.IOException: Invalid keystore format"

Thanks in advance. By leading me a light here, You will be helping someone who is willing to start forging NXT, so in the future I hope give a lot of tips :D
Logged

lurker10

  • Hero Member
  • *****
  • Karma: +168/-33
  • Offline Offline
  • Posts: 1334
    • View Profile
Re: Setting up SSL/Https on a public node
« Reply #26 on: February 11, 2017, 07:13:29 am »

Hello there I know this is an old post. But I need some guide.
Recently I've been playing a bit with the servers installation, so far i have 2 running already, but without SSL.

Here is what I found for you, can you try this set of switches?
https://bitcointalk.org/index.php?topic=345619.msg5485142#msg5485142
Logged
Run a node - win a prize! "Lucky node" project jar: NXT-8F28-EDVE-LPPX-HY4E7
Pages: 1 [2]  All
 

elective-stereophonic
elective-stereophonic
assembly
assembly