HTTPS encrypt for ERP next website

Alexis_Dali · October 22, 2024, 9:53am

Hello everyone,
Has anyone tried installing a certificate for their ERPNext site?
I am hosting ERPNext on my local machine and would like to add a certificate to secure my website, so it can be accessed securely both internally and externally.
thanks in advance.

mangroliya · October 22, 2024, 10:08am

Hi there,

Since your website is accessible on the internet using port 80, you can secure it with SSL by following these steps. This will automatically renew your certificate every 90 days.

Remember to forward port 443 to your server as well. Once the SSL certificate is installed, you’ll be able to access your website using HTTPS (instead of HTTP).

Update the package list

sudo apt update

Install Certbot:

sudo apt install certbot python3-certbot-nginx

Setup SSL Certificate with following command for the newly added site

bench setup nginx

Run the following command to issue the SSL certificate

sudo certbot --nginx

Run the following command to restart the nginx service

sudo service nginx reload

Thanks,

Divyesh Mangroliya

ibrahim · October 22, 2024, 10:23am

Hello,

To secure your site with SSL, please follow these procedures using Certbot:

Contact your Internet Service Provider to set up port forwarding for port 443 to your public IP on the router, or do it yourself if you have access to the router settings and know how to configure them
Install Certbot from Snap on your terminal:
```
sudo snap install certbot --classic
```
Enable DNS multitenancy on your bench, as SSL can be applied with this configuration:
```
cd <your-bench-location>
bench config dns_multitenant on
bench setup nginx
```
Run the following command to set up SSL for your site, replacing <sitename> with your actual site name:
```
sudo -H bench setup lets-encrypt <sitename>
```
Finally, verify that your site is accessible via HTTPS by visiting https://<your-domain> in your web browser. If configured correctly, you should see a secure connection indicated by a padlock icon in the address bar

Alexis_Dali · October 22, 2024, 3:29pm

Hello My friends…!
Thank you for your replay, but really none of your method work for me.
Can you give me the nginx config file if its work for you…?
I think my problem is in it.
I get the secure connection only locally but not outside of my network.

Alexis_Dali · October 23, 2024, 4:13pm

Hello My friends…
Please if anyone have any update on this issue, I really spend a lot of time trying a lot of method but without any success.
Actually my problem is the plenty of resource out there that talk about this issue like its so handy, but none of them work for me.
I think my problem is in the /etc/nginx/confi.d/frappe-bench.conf file.

from inside my LAN I can access my frappe site securely but from outside I can’t,
So anyone can share with me how the configuration of this file look…