HTTPS over public IP

Help
1

Hi. Welcome! :slight_smile:

1. The problem I’m having:

I want to enable HTTPS on my server without using domain. I have a VM on Google Compute Engine. It has public IP. I’ve tried to generate self-signed certificate for IP using tutorial (link below). HTTP works just fine. I’ve checked all firewall stuff. 443 is enabled.

I’m hosting Telegram bot on that server. I don’t care about domain name and want to stick to the free options. I’m newbie on all that servers thing. Please help.

2. Error messages and/or full log output:

Safari can’t open the page “https://35.184.31.227” because Safari can’t establish a secure connection to the server “35.184.31.227”.

3. Caddy version:

latest

4. How I installed and ran Caddy:

with apt install

a. System environment:

Ubuntu 18 on Google Compute Engine.

d. My complete Caddy config:

35.184.31.227 {
	tls /home/user/ssl/cert.pem /home/user/ssl/key.pem	

	# Set this path to your site's directory.
	root * /usr/share/caddy

	# Enable the static file server.
	file_server

	# Another common task is to set up a reverse proxy:
	reverse_proxy localhost:8080

	# Or serve a PHP site through php-fpm:
	# php_fastcgi localhost:9000
}```

### 5. Links to relevant resources:
https://medium.com/@antelle/how-to-generate-a-self-signed-ssl-certificate-for-an-ip-address-f0dd8dddf754
2

Hello, as you do not confirm that caddy has permission to read the certificate in the user’s home directory, you could try to get it running first with caddy’s local CA to get rid of other issue. Once it work, go further.

If you want to try it, write tls internal in the config.

35.184.31.227 {
  # ...
  file_server
  # use internal caddy CA
  tls internal
}

If it still doesn’t work, run the following command: caddy trust

3

You’re much better off getting a free domain like from DuckDNS or similar.

4

I ended up buying domain name. Thanks!

5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.