All based on Raspberry Zero W with an "Debian Stretch" installed!
Since the Amazon Echo server only wants to communicate via https, I have to use for the Lighttp server a "self-singed ceriticate".
First, let's start with a configuration for the certificate (please replace everything between <..> with your values):
Since the Amazon Echo server only wants to communicate via https, I have to use for the Lighttp server a "self-singed ceriticate".
First, let's start with a configuration for the certificate (please replace everything between <..> with your values):
1 2 3 4 | cd ~mkdir sslcd sslpico ssl.cfg |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | [req]distinguished_name = req_distinguished_namex509_extensions = v3_reqprompt = no[req_distinguished_name]C = [[dein land=""]]ST = [[dein bundesland=""]]L = [[deine stadt=""]]O = keineCN = [[dein skillname=""]][v3_req]keyUsage = keyEncipherment, dataEnciphermentextendedKeyUsage = serverAuthsubjectAltName = @subject_alternate_names[subject_alternate_names]DNS.1 = [[domain die von außen aufgerufen wird z.b.23213qwesd.myfritz.net]]DNS.2 = [[interne domain z.b. rpi-zero]] |
Now we execute the following commands:
1 | |
1 2 3 4 5 | openssl genrsa -out private-key.pem 2048openssl req -new -x509 -days 365 -key private-key.pem -config ssl.cfg -out certificate.pemcat private-key.pem certificate.pem > lighttp.pemsudo mkdir /etc/lighttpd/sslsudo cp lighttp.pem /etc/lighttpd/ssl/ |
Almost done now we have to configure Lighttpd:
1 | sudo pico /etc/lighttpd/lighttpd.conf |
Enter the following at the end of the file
1 2 3 4 | $SERVER["socket"] == "0.0.0.0:443" { ssl.engine = "enable" ssl.pemfile = "/etc/lighttpd/ssl/lighttp.pem"} |
Now restart the server
1 | sudo service lighttpd restart |
So the certificate is installed!
Keine Kommentare:
Kommentar veröffentlichen