All based on Raspberry Zero W with an "Debian Stretch" installed!
Since the Amazon Echo server only wants to communicate via https, I have to use for the Lighttp server a "self-singed ceriticate".
First, let's start with a configuration for the certificate (please replace everything between <..> with your values):
Since the Amazon Echo server only wants to communicate via https, I have to use for the Lighttp server a "self-singed ceriticate".
First, let's start with a configuration for the certificate (please replace everything between <..> with your values):
cd ~ mkdir ssl cd ssl pico ssl.cfg
[req] distinguished_name = req_distinguished_name x509_extensions = v3_req prompt = no [req_distinguished_name] C = [[dein land=""]] ST = [[dein bundesland=""]] L = [[deine stadt=""]] O = keine CN = [[dein skillname=""]] [v3_req] keyUsage = keyEncipherment, dataEncipherment extendedKeyUsage = serverAuth subjectAltName = @subject_alternate_names [subject_alternate_names] DNS.1 = [[domain die von außen aufgerufen wird z.b.23213qwesd.myfritz.net]] DNS.2 = [[interne domain z.b. rpi-zero]]
Now we execute the following commands:
openssl genrsa -out private-key.pem 2048 openssl req -new -x509 -days 365 -key private-key.pem -config ssl.cfg -out certificate.pem cat private-key.pem certificate.pem > lighttp.pem sudo mkdir /etc/lighttpd/ssl sudo cp lighttp.pem /etc/lighttpd/ssl/
Almost done now we have to configure Lighttpd:
sudo pico /etc/lighttpd/lighttpd.conf
Enter the following at the end of the file
$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/ssl/lighttp.pem"
}
Now restart the server
sudo service lighttpd restart
So the certificate is installed!
Keine Kommentare:
Kommentar veröffentlichen