BLYNK
HOME       📲 GETTING STARTED       📗 DOCS       ❓HELP CENTER       👉 SKETCH BUILDER

Let's Encrypt free SSL/TLS certificate how to instruction (non-windows systems)

Dear all, we added instruction on how you can install free SSL/TLS certificate for Local Blynk Server.

Any feedback, improvements, simplifications are welcome.

1 Like

Will this method for installing Lets Encrypt free SSL/TLS certs work for node-red-contrib-blynk-websockets utilising Blynk-cloud / iOS ?

Yes. But I need to allocate time (that I don’t have at the moment) to do that for our Cloud.

With a running install of Raspbian/Jessie I get an error when running the script. It’s something about an unmet dependancy for libffi6. I’m trying to figure out how to fix it and let you know if I succeed :slight_smile:

-edit

It probably needs some additional deb sources, most likely these two:

deb-src http://archive.raspbian.org/raspbian/ jessie main contrib non-free rpi
deb http://ftp.de.debian.org/debian jessie main non-free

To resolve the dependency issues.

@Lichtsignaal hm… thanks for info.

Also, it starts a web server at port 80, so if you have apache or something else running, you should stop that too :slight_smile:

-edit

And your computer has to reachable on port 443! So if it is behind a NAT router, you have to forward port 443 to the machine

You can use either 80 or 443. For instance just for 80 port

--standalone-supported-challenges http-01

It’s definitely not as simple as described in the documents. Because the program needs to be run as root, you have to start an interactive shell with root privileges, which is done by sudo -i (on rasbian anyway) to be allowed to copy the files to the blynk-data dir

You can run it on another port. I did it like that :

sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 9999
-standalone-supported-challenges http-01 --http-01-port 9999
//when all is done
sudo iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 9999

But yes. For first time it is really not simple. I spend few hours to get understanding of how it is working.