Enable SSL/HTTPS Encryption with Let's Encrypt
These are the steps to install a certificate from Let’s Encrypt on Ubuntu.
Using Let's Encrypt to Install SSL Certificates Allows Proper SSL
Let's Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). This means that you can get a free 90 day SSL Certificate for your Shinobi Server if you have a registered domain name to use. These steps are for an Ubuntu install but other systems will be similar. Ubuntu also allows for automatic renewal of the certificate every 90 days.
To use this method you must have a registered Domain Name and a valid domain URL for your Shinobi Server. i.e. cam.yourdomain.com
Make Sure Everything is Up to Date and Install Certbot
1. Update distribution files
apt-get update apt-get dist-upgrade
2. Install Certbot
apt-get update apt-get install software-properties-common apt-get update apt-get install certbot
3. Set Up Certbot folders.
cd /home/Shinobi mkdir certs cd /home/Shinobi/web mkdir -p .well-known/acme-challenge
4. Ensure port 80 access to your Shinobi from the Web
Let's Encrypt will validate your domain via Port 80. The default port for Shinobi is Port 8080. http://YOUR_SHINOBI:8080/ For this to work you must redirect the incoming Port 80 on your router to Port 8080 on your Shinobi Server.
5. Generate the Certificate
certbot certonly --webroot -w /home/Shinobi/web -d cam.yourdomain.com * Replace cam.yourdomain.com with your server's domain name
6. Edit the Shinobi config file – conf.json
cd /home/Shinobi
nano conf.json
"ssl": {
"key":"/etc/letsencrypt/live/cam.yourdomain.com/privkey.pem",
"cert":"/etc/letsencrypt/live/cam.yourdomain.com/fullchain.pem",
"port": 443
},
Ctrl O, Enter to Save and Ctrl X to exit
7. Restart Shinobi
pm2 restart camera.js
8. https://cam.yourdomain.com should now work.