Snakeoil vs. Letsencrypt
62 views
Skip to first unread message
srikant vinakota
Apr 4, 2021, 3:18:49 AM4/4/21
to z-Tree unleashed
Dear Team zTU,
The video workshop on setup provides instructions on using Snakeoil as a self signed certificate whereas the written instructions talk about using Letsencrypt. Can you please clarify which is the recommended option.
Also the instructions for using Letsencrypt suggest that "For the following steps you need to be logged in as root/sudo." can you advise how to do this.
In addition it says to delete port forwarding for port 80. " You can now delete the port forwardings in your router as well as the VM for port 80."
Does that mean the port forwarding is only to be set up for port 443 and 60022.
Appreciate your help.
Regards,
Srikant.
Max R. P. Grossmann
Apr 4, 2021, 4:03:37 PM4/4/21
to srikant vinakota, z-Tree unleashed
Hi Srikant,
On 21/04/04 12:18am, srikant vinakota wrote:
> Dear Team zTU,
>
> The video workshop on setup provides instructions on using Snakeoil as a
> self signed certificate whereas the written instructions talk about using
> Letsencrypt. Can you please clarify which is the recommended option.
The snakeoil certificate should only be used for testing. Hence, we recommend using letsencrypt or any other issuer to get a X.509 ("SSL") certificate.
> Also the instructions for using Letsencrypt suggest that "For the following
> steps you need to be logged in as root/sudo." can you advise how to do
> this.
For this, you can open the Terminal Emulator and execute "sudo su -" (without the quotes). Any following commands will be executed as root.
> In addition it says to delete port forwarding for port 80. " You can now
> delete the port forwardings in your router as well as the VM for port 80."
>
> Does that mean the port forwarding is only to be set up for port 443 and
> 60022.
That is correct. However, I believe that a port forwarding for port 60022 is unnecessary in most instances; at least in the following sense: It should be in the settings of the VM, but you should not forward it from your router. If you put in the 60022 port forwarding into your router, please make sure to have a strong password because that makes all settings and data from your VM globally reachable. Hence, it is not advisable. But if you use FileZilla or similar software, it must be put into the VM settings (but again, in general, not into the router's settings).
Best,
Max
On 21/04/04 12:18am, srikant vinakota wrote:
> Dear Team zTU,
>
> The video workshop on setup provides instructions on using Snakeoil as a
> self signed certificate whereas the written instructions talk about using
> Letsencrypt. Can you please clarify which is the recommended option.
> Also the instructions for using Letsencrypt suggest that "For the following
> steps you need to be logged in as root/sudo." can you advise how to do
> this.
> In addition it says to delete port forwarding for port 80. " You can now
> delete the port forwardings in your router as well as the VM for port 80."
>
> Does that mean the port forwarding is only to be set up for port 443 and
> 60022.
Best,
Max
Reply all
Reply to author
Forward
0 new messages