How to Freedombox and Pagekite to work with https?

#1

I signed up for a Pagekite account and was able to link that to Freedombox and verified that I could access by server, so that part went well. The issue is that https on the pagekite URL complains that " Your connection is not private".

To try and resolve this I tried to use the Let’s encrypt option with my pagekite URL, but it failed.

Is there a detailed guide or a blog post for setting up Pagkite and getting HTTPS working with FreedomBox?

Other info:
Installed on Ubuntu 18.04
Bound to my DHCP IP.

#2

I found the answer to this on my own and wanted to share it here in hopes that it may help someone else.

For using Pagekite

  1. Setup your Pagekite account first before enabling this feature as you will need settings on your account page to setup Freedombox.

  2. Read this little note from Debian https://wiki.debian.org/FreedomBox/Manual/PageKite that explains that you “must” enable http when getting your “let’s encrypt” certificate. Once you have your certificate you can remove access to http and only have htttps enabled.

I must say so far I am really enjoying Freedombox and see the value in it. I looking forward to turning on more features.

2 Likes
#3

Awesome! Thanks for sharing the solution.

Please note that Let Encrypt certificates are valid for 3 months and automatic renewal happens before that time. You may want to enable HTTP to allow that to happen.

1 Like
#4

Sunil, thank you so much for the tip on the automatic renewal! I appreciate that as I would not have known.

Best Regards

#5

How do I enable http? Fbox keeps reverting to https, I need this for forwarding

#6

HTTP to HTTPS redirection has been done in FreedomBox because it is security-wise, this is best thing to do. It is recommended that you keep using HTTPS for your needs. However, if you can disable this forwarding by issuing the following command on SSH terminal:

a2dissite plinth-ssl
systemctl reload apache2

After this you may have to clear site data on your browser (because of HSTS caching).

#7

Thanks, yeah I will let Traefik to handle the https. I will give it a try