Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Feature Requests
  3. TLS Add-On support for Secondary Domains

TLS Add-On support for Secondary Domains

Scheduled Pinned Locked Moved Solved Feature Requests
5 Posts 3 Posters 862 Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      S Offline
      syn
      App Dev
      wrote on last edited by
      #1

      Now that cloudron has custom secondary domains feature, some apps that require their own TLS on subdomains (like XMPP servers) are made possible.

      Here is a patch that expands TLS addon to support this:
      https://git.cloudron.io/synchrone/box/-/commit/575247af0610dd6cc76142fe697e5415b256427b

      This will help the following prospective apps to provide a sufficient level of XMPP support, as verifying TLS on their TCP ports under subdomain names is mandatory nowadays:

      https://forum.cloudron.io/topic/7755/openfire-xmpp-server
      https://forum.cloudron.io/topic/2486/ejabberd-robust-scalable-and-extensible-realtime-server-using-xmpp-mqtt-and-sip/12
      https://forum.cloudron.io/topic/4188/snikket-server-your-own-messaging-server-in-a-box/9
      https://forum.cloudron.io/topic/1234/prosody-kaiwa/5

      nebulonN 1 Reply Last reply
      3
      • girishG girish moved this topic from App Packaging & Development on
      • S syn

        Now that cloudron has custom secondary domains feature, some apps that require their own TLS on subdomains (like XMPP servers) are made possible.

        Here is a patch that expands TLS addon to support this:
        https://git.cloudron.io/synchrone/box/-/commit/575247af0610dd6cc76142fe697e5415b256427b

        This will help the following prospective apps to provide a sufficient level of XMPP support, as verifying TLS on their TCP ports under subdomain names is mandatory nowadays:

        https://forum.cloudron.io/topic/7755/openfire-xmpp-server
        https://forum.cloudron.io/topic/2486/ejabberd-robust-scalable-and-extensible-realtime-server-using-xmpp-mqtt-and-sip/12
        https://forum.cloudron.io/topic/4188/snikket-server-your-own-messaging-server-in-a-box/9
        https://forum.cloudron.io/topic/1234/prosody-kaiwa/5

        nebulonN Offline
        nebulonN Offline
        nebulon
        Staff
        wrote on last edited by
        #2

        @syn thanks for fix on that front. We will pick that up for the next release only though. It further needs more changes to trigger for example app container restarts if certs change.

        S 1 Reply Last reply
        0
        • nebulonN nebulon

          @syn thanks for fix on that front. We will pick that up for the next release only though. It further needs more changes to trigger for example app container restarts if certs change.

          S Offline
          S Offline
          syn
          App Dev
          wrote on last edited by
          #3

          @nebulon that feature is already implemented. Has been there since cloudron 6.2.0 as far as I can see

          girishG 1 Reply Last reply
          0
          • S syn

            @nebulon that feature is already implemented. Has been there since cloudron 6.2.0 as far as I can see

            girishG Offline
            girishG Offline
            girish
            Staff
            wrote on last edited by
            #4

            @syn that only restarts the app when the primary domain cert renews.

            I did a whole bunch of changes over the weekend to fix some cert renewal issues (specifically, mail container was not getting updated properly when cert renews). I will try to incorporate your changes into it (probably only for 7.4 though).

            1 Reply Last reply
            0
            • girishG Offline
              girishG Offline
              girish
              Staff
              wrote on last edited by
              #5

              Thanks @syn . This is implemented in 7.3.4 . The /etc/certs directory has the certs in DOMAIN.cert and DOMAIN.key form (both pem format).

              1 Reply Last reply
              2
              • girishG girish marked this topic as a question on
              • girishG girish has marked this topic as solved on
              Reply
              • Reply as topic
              Log in to reply
              • Oldest to Newest
              • Newest to Oldest
              • Most Votes


                • Login

                • Don't have an account? Register

                • Login or register to search.
                • First post
                  Last post
                0
                • Categories
                • Recent
                • Tags
                • Popular
                • Bookmarks
                • Search