Skip to content

1.3 Installing the self signed certificate

Jump to bottom
Tony edited this page Apr 15, 2019 · 4 revisions

25/11/2018 - THE INFORMATION ON THIS PAGE IS OUT OF DATE AND WILL BE UPDATED SOON

If selected, stage 6 of the install script will create a keystore and two self signed certificates. This allow the iPhone to trust the Raspberry Pi, which in turn allows the web-app to install a home screen icon, and to run in full screen mode.

To establish this trust, create the icon and run the web-app in full screen mode, use the following process...

  1. The certificate has been copied to the folder /var/www/logs/Alarm.crt. Email this file to the iPhone. Note: Windows users - this folder has been shared out through Samba, so can be found in the 'logfiles' data share.

If this option has been

Certificate creation

During the install, you are given the option to create a self signed certificate and configure Apache secure data transfers.

If you are enabling this options, there are a few points to be aware of.

  1. This will disable port 80 - so entering the ip address of your Raspberry Pi in your browser will no longer work.
  2. Port 443 will be enabled - so you will need to enter https://<ip address>/ to access the web site.
  3. When creating the self signed certificate, you will be prompted with a number of questions. Most replies are optional and can be left blank. The characters contained in the square brackets are the default values.
  • Country name ( 2 letter code ) [AU]: This can be any two digit country code, or can be left blank.
  • State or Province Name (full name) [Some-State]: This should be the country name applicable for your location, or can be left blank.
  • Locality Name (eg, City) [ ]: Your city name, or can be left blank.
  • Organization Name (eg Company) [Internet Widgets Pty Ltd]: Any company name you want, or can be left blank.
  • Organisational unit name (eg, section) [ ]: Any text you want, or can be left blank.
  • Common Name (eg, server FQDN or YOUR name) []: This field MUST be the IP address of your Raspberry Pi. If any other value is used, the certificate will not work, and you will not be able to access the web page.
  • Email Address [ ]: This can be any email address you want, or can be left blank.

As the certificate will be publically accessible, and I prefer the location of my system to remain anonymous, I usually leave all fields except the Common Name as blank.

Certificate operation

  1. So the first time you browse to the web page you will get a certificate warning...

cert01

  1. Select Details to view the Certificate. This will show the information you entered during the install process...

cert 03

  1. Check the details of the certificate, and if everything is ok, click on Accept.

cert02

  1. This will install the certificate and take you to the web site. But note the padlock symbol indicating the session is now encrypted...

cert04

Finally, add the shortcut to your home screen to allow the web app to run in full screen mode.

Job Done :)

Visit the website oddwires.co.uk

Clone this wiki locally