How to enable the ssl certificate for my droplet IP address

Question

Hello to all,

I have deploying my spring boot rest application in my debian 10 server and I make differents api rest call with http://my_ip_address:8080 but the problem is that in my angular web client who differents user make requests I have enabled the ssl certificate to establish the secure navigation for them and now I can’t call my services with http protocol.

And when I try to generate the ssl certificate with openssl, the web browser bloc always the rest api call and tell that the certificate didn’t provide from the competent authority.

My question is how can I do to generate the ssl certificate for my public IP address for my droplet.

Thanks

Answer 1

bobbyiliev June 16, 2020

Hi there @sinclairjaza,

I would recommend taking a look at this answer here by ryanpq:

https://www.digitalocean.com/community/questions/ssl-for-ip-address

He mentions that unfortunately the free LetsEncrypt CA does not support this which leaves you with two options:

Create a self-signed ssl certificate. This has the benefit of being free and fairly easy to set up but will result in a security warning in most browsers since they look for a trusted authority to have issued the certificate. If you are creating this for internal use this may be the best option.
Purchase an SSL certificate from a provider. For this I’d recommend reaching out to a few providers to find one that will support issuing a certificate for your public IP address.

Hope that this helps!
Regards,
Bobby

Reply Report

sinclairjaza June 17, 2020

Thanks @bobbyiliev for your answer.

And if I put a domain name on my digitalocean public IP address, could I from my control panel activate a free ssl certificate directly?
Reply Report
- bobbyiliev June 17, 2020
  
  Hi there @sinclairjaza,
  
  Yes with a domain name you could use Let’s Encrypt to get a free SSL certificate.
  
  You can follow the steps from this tutorial here on how to issue a Let’s Encrypt SSL certificate for Apache:
  
  https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04
  
  Hope that this helps!
  Regards,
  Bobby
  
  How To Secure Apache with Let's Encrypt on Ubuntu 18.04
  by Kathleen Juell
  by Erika Heidi
  Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. In this tutorial, you will use Certbot to obtain a free SSL certificate for Apache on Ubuntu 18.04 and set up your certificate to renew automatically.
  
  Reply Report

Answer 2

sinclairjaza June 17, 2020

Thanks @bobbyiliev for your answer.

And if I put a domain name on my digitalocean public IP address, could I from my control panel activate a free ssl certificate directly?
Reply Report
- bobbyiliev June 17, 2020
  
  Hi there @sinclairjaza,
  
  Yes with a domain name you could use Let’s Encrypt to get a free SSL certificate.
  
  You can follow the steps from this tutorial here on how to issue a Let’s Encrypt SSL certificate for Apache:
  
  https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04
  
  Hope that this helps!
  Regards,
  Bobby
  
  How To Secure Apache with Let's Encrypt on Ubuntu 18.04
  by Kathleen Juell
  by Erika Heidi
  Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. In this tutorial, you will use Certbot to obtain a free SSL certificate for Apache on Ubuntu 18.04 and set up your certificate to renew automatically.
  
  Reply Report

Related

Question

How to enable the ssl certificate for my droplet IP address

Leave a comment

Looking for something else?

Sign up for our newsletter

Related

Question

How to enable the ssl certificate for my droplet IP address

Leave a comment

Related

question

PHP Error Log: authz_core:error - For files that don't exists on my server

question

How to make web service unavailable. As I develop this application, I'd rather not be burning up CPU or access time when not logged in.

question

Can I assign a firewall while creating a droplet via API?

question

Problem starting Apache

Looking for something else?