ERPNext.com Frappe Cloud Support Partners Foundation Frappe School

How to make HTTPS for my ERPNext?

Hello all,

This is my first post, I am quite new for unix/linux system ! ERPNext was amazing for me because I can make my ERPNext with 30 min as step from the web https://github.com/frappe/bench#2-run-the-install-script by used two command on google cloud 1) wget https://raw.githubusercontent.com/frappe/bench/master/playbooks/install.py and 2) sudo python install.py --production

After that I have my ERPNext on http://www.mycompany.com web, but I can not make https://www.mycompany.com, I try to follow https://frappe.github.io/frappe/user/en/bench/guides/lets-encrypt-ssl-setup.html it not work for me, I don’t know why? I have problem with first command in this page “sudo -H bench setup lets-encrypt [site-name]” because I don’t know what is [site-name] I try www.mycompany.com, site1.localhost, defaule_server, localhost all of them have error “No site named localhost”.

-Cloud google
-ubuntu 16.04

Do you have and suggestion?
Thanks
Tudtude

2 Likes

Do an ls sites/* from the bench directory. It will list the directory you have in there. The [site name] is the name of the directory that erpnext has been installed in. The default that all the instructions use is site1.local.

1 Like

Dear James_Robertson,

Below is my output to used ls sites/* from many location, it is not working. Maybe I don’t know what is bench directory, where is it? I try many thing following manual but almost not working, I think maybe it is not update to lasted version.

What should I do to solve this problem ? Sorry to asking you basic question due with I don’t know what is the right question?

tudtude@testsystem:/$ pwd
/
tudtude@testsystem:/$ ls sites/*
ls: cannot access 'sites/’: No such file or directory
tudtude@testsystem:/$ whereis bench
bench: /usr/local/bin/bench
tudtude@testsystem:/$ cd /usr/local/bin
tudtude@testsystem:/usr/local/bin$ ls sites/

ls: cannot access ‘sites/*’: No such file or directory
tudtude@testsystem:/usr/local/bin$ cd \

tudtude@testsystem:~$ pwd
/home/tudtude
tudtude@testsystem:~$ ls sites/*
ls: cannot access ‘sites/*’: No such file or directory
tudtude@testsystem:~$

You need to run the command from the frappe-bench folder

1 Like

Wow, now I can used ls sites/*. I will try another process to make HTTPS:// for ver 7.2 if have any problem and let you know.

Thanks,
Tudtude

Step 1: Rename Site folder name

Switch to frappe user, if SSH’ed as root

          sudo su - frappe
	 cd frappe-bench/sites
	 mv site1.local mycompany.com

Step 2: Add hostname

 nano mycompany.com/site_config.json
 
Add the following line.

 "host_name": "http://mycompany.com",

It should look like below
	{
		"db_name": "site1.local",
		"db_password": "*********",
		"host_name": "http://domain.org"
	}

Be sure to add "," at the end of "db_password": "........",

 bench setup nginx

Step 3: Install Letsencrypt

	You need to have a DNS Multitenant Setup
		bench config dns_multitenant on

	cd /frappe/frappe/bench
	sudo -H bench setup lets-encrypt mycompany.com
5 Likes

Dear Javid_Hussain and all friend,

Now, it work I can used https://mycompany.com.

Dear new ERPNext user,

If you are new for Linux/google cloud/ERPNext don’t panic and stay clam. ERPNext are easy to setup in google cloud. Below are my step that it work for me (I don’t understand it but it work)

run command in your google ssh (yourname : accouut in google)

  1. yourname@testsystem:~$ apt-get update
  2. yourname@testsystem:~$apt-get upgrade
  3. yourname@testsystem:~$wget https://raw.githubusercontent.com/frappe/bench/master/playbooks/install.py
    sudo python install.py --production
  4. yourname@testsystem:~$sudo python install.py --production

If you have no any error you will have http://ipaddress for ERPNext, if you map you ipaddress with DNS service you will have http://youcompany.com as ERPNext web service

Next we need to make it to Https://yourcompany.com for your safety.

  1. yourname@testsystem:~$ sudo su - frappe
  2. frappe@testsystem:~$ cd frappe-bench/sites
  3. frappe@testsystem:~/frappe-bench/sites$ mv site1.local mycompany.com
  4. frappe@testsystem:~/frappe-bench/sites$ nano mycompany.com/site_config.json

nano just like text edit if you never used like me just check at youtobe, change text to

Add the following line.
“host_name”: “http://mycompany.com”,

It should look like below
{
“db_name”: “site1.local”,
“db_password”: “*********”,
“host_name”: “http://domain.org
}
Save and exit
9) frappe@testsystem:~/frappe-bench/sites$ cd …
10) frappe@testsystem:~/frappe-bench$ sudo -H bench setup lets-encrypt mycompany.com

After this step will request you to put some information just put … woww, you will get https://

*** now still need to set auto renew *** I will try and update!

8 Likes

Hello Tudtube, Its really works.

Can you please update, how to auto renew this certificate.

Dear All,
This discussion thread was very useful. I’m very new to all of these (EPRNext setup, Ubuntu OS, configuring network protocols) stuff. So, it may seem that I ask a silly question.
Can anyone advise what I’m missing trying to setup HTTPS but on AWS?

  • UBUNTU 14.04.5 LTS
  • EC2 instance type: T2.MICRO

During my first attempt everything seemed to go well until I got the next error:

Creating virtual environment…
Installing Python packages…
Installation succeeded.
_The standalone specific supported challenges flag is deprecated. Please use the --preferred-challenges flag instead._
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices) (Enter ‘c’ to
cancel): myemailhere@gmail.com


Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf. You must agree
in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory

(A)gree/©ancel: A


Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let’s Encrypt project and the non-profit
organization that develops Certbot? We’d like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.

(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for mysitename.in.ua
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. coocoo.in.ua (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for tls-sni-01 challenge. Requested b8adc4d295ee97b364c401b7f5172598.cafe9103d39809cac27b84840dafdfe1.acme.invalid from [2a00:7a60:0:104c::1]:443. Received 1 certificate(s), first certificate had names “ssl.hosting-admin.net

IMPORTANT NOTES:

  • The following errors were reported by the server:

Domain: mysitename.in.ua
Type: unauthorized
Detail: Incorrect validation certificate for tls-sni-01 challenge.
Requested
b8adc4d295ee97b364c401b7f5172598.cafe9103d39809cac27b84840dafdfe1.acme.invalid
from [2a00:7a60:0:104c::1]:443. Received 1 certificate(s), first
certificate had names “ssl.hosting-admin.net

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.
    INFO:bench.utils:sudo service nginx start
    There was a problem trying to setup SSL for your site
    gandolf@ip-172-31-42-54:~/frappe-bench$ cd sites/

Later I changed back everything to other site name and then changed back to site1.local but I now get this error:

> gandolf@ip-172-31-42-54:~/frappe-bench$ sudo -H bench setup lets-encrypt site1.local
> Running this will stop the nginx service temporarily causing your sites to go offline
> Do you want to continue? [y/N]: y
> INFO:bench.utils:sudo service nginx stop
> INFO:bench.utils:/opt/certbot-auto --config /etc/letsencrypt/configs/site1.local.cfg certonly
> The standalone specific supported challenges flag is deprecated. Please use the --preferred-challenges flag instead.
> Saving debug log to /var/log/letsencrypt/letsencrypt.log
> Obtaining a new certificate
> An unexpected error occurred:
> The request message was malformed :: Error creating new authz :: Name does not end in a public suffix
> Please see the logfiles in /var/log/letsencrypt for more details.
> INFO:bench.utils:sudo service nginx start
> There was a problem trying to setup SSL for your site
> gandolf@ip-172-31-42-54:~/frappe-bench$ 

Will appreciate any piece of advice from community?
Thanks

This may be helpful. I do this to enable https and use letsecrypt on default site (site1.local) on frappe bench:

  1. Set DNS Multitenancy on by running sudo bench config dns_multitenant on
  2. Add custom domain to site1.local by running sudo bench setup add-domain erp.example.com and enter site1.local when asked
  3. Setup letsecrypt by running sudo -H bench setup lets-encrypt site1.local --custom-domain erp.example.com
10 Likes