[+] Help : Configuring TLS LetsEncrypt
arbazkiraak opened this issue
Hello @LewisArdern ,
- I have followed each & every step carefully, but I'm having a problem while running it over SSL.
- I have tried https://gist.github.com/davestevens/c9e437afbb41c1d5c3ab#nodejs app and it works fine over https, which states my letsencrypt config is ok.
config.js

```js
const config = {};
//config.twilio = {};
config.gmail = {};
config.slack = {};
config.letsEncrypt = {};
config.port = process.env.PORT || 3030;
config.url = process.env.url || 'mydomain.me';
// used to split the results (don't remove)
config.boundary = process.env.boundary || '#!!!!#';
// Set to false by default (would recommend reverse proxy instead)
config.letsEncrypt.TLS = true;
config.letsEncrypt.publicKey = process.env.publicKey || '/etc/letsencrypt/live/mydomain.me/fullchain.pem';
config.letsEncrypt.privateKey = process.env.privateKey || '/etc/letsencrypt/live/mydomain.me/privkey.pem';
config.letsEncrypt.ca = '/etc/letsencrypt/live/mydomain.me/chain.pem';
// Remove if you don't want Twilio
//config.twilio.accountSid = process.env.accountSid || '';
//config.twilio.authToken = process.env.authToken || '';
//config.twilio.to = process.env.twilioTo || ['']; // add additional numbers with comma separation e.g. '+447000000', ''
//config.twilio.from = process.env.twilioFrom || '';
// Remove if you don't want Slack
config.slack.token = process.env.token || 'xoxp-xxxxx-xxxx-xxxxx-xxxxxxxxxx';
config.slack.channel = process.env.slackChannel || 'general';
// Remove if you don't want Gmail
config.gmail.user = process.env.gmailUser || 'xxxxxxx.xxxxxx@gmail.com';
config.gmail.pass = process.env.gmailPass || 'xxxx';
config.gmail.to = process.env.gmailTo || ['xxxxxxxx@gmail.com']; // add additional emails with comma separation '', ''
config.gmail.from = process.env.gmailFrom || 'xxxxxxxxx@gmail.com';
module.exports = config;
```
- Upon running it, the app is running over `http://mydomain.me:3030`, but over `https://` it returns `connections refused`.
- Please let me know if I'm missing something.
Thanks ~
This is because you need to go to https://mydomain.me:8443 -- if you want to run it on 443, you would need to run as high privilege, which I do not recommend, and change the value from 8443 -- https://github.com/LewisArdern/bXSS/blob/dev/app.js#L20. What I recommend doing is setting up a reverse proxy with a web server, and then you can forward the traffic to the application.
I should probably update the port in the app.js, but I'm currently working on a dev branch so I will add it to those changes when I'm done. Let me know if this resolves your problem or if I can assist further.
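The reverse-proxy setup recommended above, sketched as an nginx server block. This is an added example, not part of the original thread or the bXSS project; it assumes nginx as the web server, the app on the same host listening on plain HTTP port 3030 with `config.letsEncrypt.TLS = false`, and port 3030 closed to outside traffic.

```nginx
# Added example: nginx terminates TLS on 443 and forwards requests to the app.
# Assumptions (not from the thread): nginx is the chosen web server, the Node
# app runs on this host with config.letsEncrypt.TLS = false, and port 3030 is
# firewalled so that clients can only reach the app through the proxy.

server {
    listen 443 ssl;
    server_name mydomain.me;

    # The same Let's Encrypt files that config.js in this issue points at.
    # fullchain.pem already contains the intermediate chain, so chain.pem
    # does not need to be configured separately here.
    ssl_certificate     /etc/letsencrypt/live/mydomain.me/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mydomain.me/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;

    location / {
        # The Node process stays unprivileged on its default port (3030).
        proxy_pass http://127.0.0.1:3030;

        # Pass the original host, client address and scheme to the app so
        # its logs and reports reflect the real request, not the proxy.
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

With this in place the app is reached at `https://mydomain.me` without a port suffix, and the Node process never needs the privilege to bind 443 or read the private key.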
Thanks @LewisArdern