I have VPS running Debian 9 with Keter serving single web application.
I've generated certificates using Create certificate button in Origin Certificates section of Crypto tab.
Then I've edited my keter.yaml:
stanzas:
- type: webapp
exec: ../dist/bin/dummy-name
args: []
hosts:
- dummy-domain.info
ssl:
key: /opt/keter/etc/cert/dummy-domain.info.key
certificate: /opt/keter/etc/cert/dummy-domain.info.pem
There are also a remark:
# Enable to force Keter to redirect to https
# Can be added to any stanza
# requires-secure: true
When I've uploaded new bundle it looks like that things does not work correct. My website can be visited via HTTP (works as expected), and HTTPS, but it cannot load generated CSS and JS files from static (links injected in document have http scheme).
What else should I do to make everything work using secure HTTPS connection?
There are unclear options for keter:
# for all stanzas
requires-secure: true
# stanza based
host: ....
secure: true
Also I have no idea which options should I use on CloudFlare too
SSL type now set to Flexible
Always Use HTTPS is OFF
OK, finally I've done following:
keter.ymlstanzas:
- type: webapp
exec: ../dist/bin/dummy-name
args: []
hosts:
- dummy-domain.info
requires-secure: true
ssl:
key: /opt/keter/etc/cert/dummy-domain.info.key
certificate: /opt/keter/etc/cert/dummy-domain.info.pem
keter-config.yamlroot: ..
#
# # Keter can listen on multiple ports for incoming connections. These ports can
# # have HTTPS either enabled or disabled.
listeners:
# HTTP
- host: "*4" # Listen on all IPv4 hosts
port: 80 # Could be used to modify port
# HTTPS
- host: "*4"
port: 443
key: cert/dummy-domain.info.key
certificate: cert/dummy-domain.info.pem
SSL type now set to Full
Always Use HTTPS is ON
Also I've restarted keter service
sudo service keter restart
Now everything work as expected.