Ngrok with Cloudflare domain - ssl

I have purchased the ngrok Pro plan to use white-labeled domains through Cloudflare, but I am having trouble configuring end-to-end SSL encryption.
The React app is running on localhost (http://localhost:3000).
I created a domain (app.example.com) in ngrok.
I added a CNAME record for the xxx.ngrok.io URL in Cloudflare for app.example.com.
SSL is enabled in Cloudflare.
https://app.example.com gives an HTTP 520 error on Cloudflare.
Cloudflare has a universal certificate on the *.example.com domain.
Is there any way I can have https://app.example.com resolve to https://localhost:3000 through ngrok?

Here is one way, assuming you are fine with having Cloudflare only act as DNS:
Configure ngrok to serve the correct TLS certificate. In ngrok for your domain app.example.com, select the "Automated TLS certificates" option, which means ngrok will provision one for you.
In Cloudflare, "grey cloud the DNS record" so that traffic is no longer proxied through Cloudflare before it is proxied through ngrok. Now it will only be proxied through ngrok before being forwarded to your local server.
Start your ngrok tunnel. Assuming your local server is not configured to terminate TLS, you can run something like ngrok http --bind-tls=true --hostname=app.example.com 3000 to start an HTTPS-only tunnel endpoint.

I was looking at the ngrok tunnel solution proposed, and I also found a way to set up an Argo Tunnel through Cloudflare directly. This can be another approach to the problem. https://developers.cloudflare.com/cloudflare-one/tutorials/share-new-site

I didn't answer your question. I just want to share that we can make localhost on our computer accessible through our own domain using Cloudflare tunneling.
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/

Related

Solve the problem during publish localhost with ngrok

I am going to launch my local Vue application with ngrok.
I used this command.
ngrok http 8080
It says online.
But when I visit this site, it shows an error.
This is the output from ngrok.
I think the problem is HTTPS. My local version is HTTPS.
Here is the screenshot.
How can I solve this problem?
ngrok assumes that the server it is forwarding to is listening for unencrypted HTTP traffic, but if your server is listening for encrypted HTTPS traffic you can specify a URL with an https:// scheme to request that ngrok speak HTTPS to your local server.
Forward to an https server by specifying the https:// scheme
ngrok http https://localhost:8080
As a special case, ngrok assumes that if you forward to port 443 on any host that it should send HTTPS traffic and will act as if you specified an https:// URL.
Forward to the default https port on localhost
ngrok http 443
ngrok assumes that your local network is private and it does not do any validation of the TLS certificate presented by your local server.
If need be, explicitly direct to https locally.
ngrok http https://localhost:8080 -host-header="localhost:8080"
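Try ngrok without http, and use Node.js code to mark port 8080 as your server address:
const ngrok = require('ngrok');
(async function() {
  // Open a tunnel to the local server on port 8080 and get its public URL
  const url = await ngrok.connect(8080);
  // Print the URL so it can be opened in a browser
  console.log(url);
})();
When you run this, it will create a URL; use that URL to access your server.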
The main problem is that you don't have a valid ssl certificate on localhost.
You need to expose the normal http, not the https. I think this is going to work, e.g.:
ngrok http http://localhost:8080
And in the Vue server, try to avoid the SSL or HTTPS encryption.

Cloudflare dynamic dns

Currently I am using No-IP for my website and I wanted to use Cloudflare for protection against DDoS and bots. I noticed that you need a domain for Cloudflare. I also searched the web and found something called Cloudflare DDNS. I don't own a domain, only the dynamic public IP of my home router. So how do I set up Cloudflare without a domain?
Maybe you will be interested in Cloudflare Argo Tunnel.
A single command, cloudflared tunnel --url localhost:80, will expose your web server running on port 80 on your home server/PC to the internet. Cloudflare will generate a free subdomain under the trycloudflare.com domain that your visitors can reach.

Can OWASP ZAP be used to proxy all http and https traffic through an HTTPS connection?

I've just started using ZAP, and am successfully running it in Firefox and Chrome.
I'd like to use it to automatically serve its SSL cert for non-https sites as well.
So for example, I'd like it to be able to serve
http://example.com
as
https://example.com
even though example.com normally wouldn't serve an SSL cert.
This would allow me to test local development sites without ever creating a self signed cert for them, or having to configure the cert with a webserver.
I've tried to port forward my dev port (18000) to port 443, but there's no SSL cert being served by my webserver, and the connection fails. I've also tried this with sni terminator zap plugin with no luck, though it feels like it's super close!
Any suggestions?
No application can choose the communication protocol on which a client communicates. Web server communication is strictly client-driven, except for server redirects. For the client to choose HTTPS out of the two options, HTTP and HTTPS, you may install a browser plugin like HTTPS Everywhere, which will try https first even if http is entered in the browser.

Adding SSL communication between ELB and EC2 on AWS and forcing only HTTPS communication

I am trying to add SSL support for my site which is on AWS infrastructure.
I am using (Ubuntu, Apache, cake-php).
I installed the certificate from GoDaddy on the AWS ELB per this guide.
When I test my domain via HTTPS it works fine, but the site is also available via HTTP.
I would like to redirect all calls to HTTP, but per the guide instructions the ELB and EC2 communicate via HTTP, so the protocol identified by my EC2 is on port 80, so the EC2 has no way to redirect the user, because all communication to it from ELB is over port 80.
If I change ELB-EC2 settings to HTTPS, it does not work anymore, I assume some configuration is required (on ELB,EC2?) but I could not find any documentation on the above.
Any input, links etc. would be greatly appreciated!
Thanks
ELB sets the X-Forwarded-Proto header; you can use it to detect whether the original request was over HTTP and then redirect to HTTPS.
Take a look at ELB docs.
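An Apache virtual-host sketch of the redirect this answer describes, added here as an example and not taken from the original post or the ELB docs. It assumes mod_rewrite, mod_setenvif and mod_headers are enabled and uses www.example.com as a placeholder name; the HSTS header goes beyond what the answer mentions.

```apache
# Added example: the ELB terminates TLS and forwards everything to port 80,
# so the instance cannot tell HTTP from HTTPS by port. It has to read the
# X-Forwarded-Proto header that the ELB adds to each forwarded request.
<VirtualHost *:80>
    # Placeholder name (assumption, not from the page)
    ServerName www.example.com

    RewriteEngine On

    # Redirect only when the header explicitly says the client used plain HTTP.
    # A request that carries no X-Forwarded-Proto header at all does not match
    # "=http", so it is served normally instead of being redirected in a loop.
    RewriteCond %{HTTP:X-Forwarded-Proto} =http
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # Once a client has reached the site over HTTPS, ask the browser to keep
    # using HTTPS. The header is sent only on responses to HTTPS requests.
    SetEnvIf X-Forwarded-Proto "^https$" FORWARDED_HTTPS
    Header always set Strict-Transport-Security "max-age=31536000" env=FORWARDED_HTTPS

    # X-Forwarded-Proto is an ordinary request header that any client can set.
    # It is trustworthy only if port 80 on the instance accepts traffic from
    # the ELB alone, for example through the instance's security group.
</VirtualHost>
```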

Enabling HTTPS on Domain

I have a VPS running Ubuntu 12.04 with apache2. My question is: if I install an SSL cert etc. on it, am I able to use https directly with my domain? I just add an A record at my domain provider with the VPS IP address.
Essentially, yes.
Remember to make sure that Apache is listening on https (and it's set up as it should be with the certs and mod_ssl) and, if you have a firewall active, that the port for https (443) is open.
Otherwise, all you would need to do is add your record to the DNS server.