Hi, all. I’ve purchased the Server edition of DEVONthink 3 and spent a couple of days trying to get it configured with a certificate issued by a third party issuer. My going in question, is, has anyone ever managed to get it behind a secure website? Or is that just not possible with DEVONthink web server?
My scenario is that I’d like to navigate to “example dot com,” a domain I own, and have that point to my home computer running DevonTHINK server.
I’ve secured a certificate for the website with my domain provider, and downloaded a copy to my host Mac.
After much trial and error, I was finally able to convert the certificate files to the .p12 format required by DEVONthink. I started the server, and it showed an https address on my local network e.g. “https: \ 192 dot 168…” I can connect to this address within the network, and after approving some keychain access and ignoring browser security warnings, I connect to the server and show a padlock.
From outside my network, though, if I go to example dot com, I time-out trying to connect. If I turn off the security in DEVONthink web server, I can connect fine, but the site is marked as “Not Secure” in the address bar.
I’d be extremely grateful for help.
Do you have port 443 on your home network forwarded to the DEVONthink server secure login port?
As @rpallred hinted at: this has nothing to do with DT but with your network setup.
- your server‘s name (www.example.com or whatever) must resolve to a routed IP address (_not_192.…!). That can be accomplished via DynDNS or a static IP address that your provider’s DNS server associates with your server name. That has to be your router‘s IP address.
- your router must forward all traffic to its port 443 to port 443 of your server.
Then it should be possible to reach your server from outside your local network.
In addition to @rpallred and @chrillek supurb advice … remember security! Opening up your internal network to the world brings the obvious security risks from those in that world. As these are risks, anything you do depends on your tolerance for those risks. Utilising someone with networking expertise may be warranted.
Thank you all. Yes it’s routed to my outside address. I had used port 80. I will try switching to 443. As for an expert, I’d be grateful to find one, and I’ve been unsuccessful so far. Any volunteers or suggestions?
Hi, all. I had the same result when I switched to port 443. @rpallred and @chrillek, I’m curious if either of you have tried or achieved what I am trying to do? In other words, I’d love to know if this is even possible, or whether it’s outside the abilities of DEVONthink server.
It is definitely possible and will work if configured correctly. get and pay for a networking expert to set up.
Thanks, @rmschne. I’m happy to pay a networking and security expert. Just need to find one.
I’m curious if either of you have tried or achieved what I am trying to do? In other words, I’d love to know if this is even possible, or whether it’s outside the abilities of DEVONthink server.
It definitely works, I have it set up and working so that I point my browser on my work computer to https://devon.MYDOMAINNAME.com and it connects securely to my server at home. But it is risky when messing with your network settings, so be careful. I second the idea of hiring someone to help set it up.
The only issue I’ve run into is when trying to set up a reverse proxy with DT.
Thanks, @rpallred. Good to know there’s hope. I’m on the lookout for an expert to help me.