I use Mup
to deploy my app to hosting.
How to use SSL
for free?
Easy, first create an account in https://www.sslforfree.com/ sslforfree
this will help you see the status of the ssl you will be using for your domain.
Then enter the domain you want to obtain ssl for free on the cover page of sslforfree
Use the Manual validation DNS option
Then apply the txt records on the dns config of your domain.
Wait until the txt records are propagated.
Configure mup with ssl config found on mup documentation webpage
http://meteor-up.com/docs.html#ssl-support
here is my mup.js configuration configuration
module.exports = {
servers: {
one: {
host: '***.***.***.***',
username: 'root',
pem: '~/.ssh/id_rsa',
// password: 'server-password'
// or neither for authenticate from ssh-agent
}
},
meteor: {
name: '******',
path: '~/Meteor/******',
servers: {
one: {},
},
buildOptions: {
serverOnly: true,
},
env: {
// If you are using ssl, it needs to start with https://
//PORT: 3010,
ROOT_URL: 'https://******.com',
MONGO_URL: 'mongodb://localhost/meteor',
//VIRTUAL_HOST: 'https://******.com', not needed because proxy configured in proxy object below in configuration, thats why i commented this
},
docker: {
// change to 'kadirahq/meteord' if your app is using Meteor 1.3 or older
image: 'abernix/meteord:node-8.4.0-base',
},
// Show progress bar while uploading bundle to server
// You might need to disable it on CI servers
enableUploadProgressBar: true
},
proxy: {
// comma separated list of domains your website
// will be accessed at.
// You will need to configure your dns for each one.
domains: '******.com',
ssl: {
// Enable let's encrypt to create free certificates
letsEncryptEmail: '******@******.com',
}
},
mongo: {
version: '3.4.1',
servers: {
one: {}
}
}
};
Don’t put :3000 in the name ! Use manual verification as you’re not using port 80
Also, you cant validate per ip (in mup), instead put the domain or domains you want to use with ssl, then proceed to manual verification.
in manual verification (DNS) step you need to setup dns text records in the interface where you manage your registered domains.
after the dns text records have been propagated (probably you will need to wait an hour if the time to live (ttl) is set to 3600 seconds)
click on Verify_acme_challenge.mydomain.com
this screen will appear when successfull verification.
This is important because mup uses txt records to verify it can automatically renew ssl certificates.
Enjoy your free ssl certificate and keep rocking
Excuse me, not understand.
It still has the same problem
module.exports = {
servers: {
one: {
host: '172.104.57.72',
username: 'root',
password: '********'
}
},
meteor: {
name: 'myApp',
path: '../myApp',
servers: {
one: {}
},
buildOptions: {
serverOnly: true,
},
env: {
ROOT_URL: 'http://172.104.57.72/',
MONGO_URL: 'mongodb://localhost/mydb',
PORT: 3000
},
dockerImage: 'abernix/meteord:base',
deployCheckWaitTime: 120
},
mongo: {
oplog: true,
port: 27017,
servers: {
one: {},
},
},
};
Please help me
Check my mup config in my first post, if you copy it you will get correct parameters.
first differente is the ROOT_URL: note it start with https not http
second, note i use a domain, not an ip, for this prerequisite you will need to configure your domain with and A record in your dns config to point to the ip, what mup will configure is nginx to proxy your domain to your ip and port (this is done automatically, because mup uses docker image jwilder-nginx
are you familiarized with DNS configurations?
thanks for your reply, I have a problem with Manually Verify Domain (DNS), (not
mup.js`)
So it mean that I must create domain link to this IP first?
If in case soem body is still struggling with this.
http://talesofkingarch.blogspot.com/2018/10/installing-ssl-on-aws-instance-digital.html
Sorry if I misunderstand the question, but using free LetsEncypt SSL with MUP should be as easy as adding a few lines to the mup config file as per the reverse proxy settings http://meteor-up.com/docs.html#ssl
Don’t forget to do mup setup
and mup reconfig
after changing the config file.
There’s no need to signup with any certificate authority. Unless you need wildcard domain support which LetsEncrypt doesn’t support?