Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > E-Book Software > Calibre > Server

Notices

Reply
 
Thread Tools Search this Thread
Old 07-07-2018, 11:52 AM   #1
Inukami
Zealot
Inukami began at the beginning.
 
Inukami's Avatar
 
Posts: 103
Karma: 10
Join Date: Jun 2017
Location: Australia
Device: Mac OS X, iPad Mini 4, iPhone 6, iBooks, Kindle for Mac & PC
Question How do you enable HTTPS on the content server?

So I have managed to set up my content server over the internet with passwords as per the instructions HERE. I had to enable port forwarding on my router (iiNet) and also enable port forwarding with my provider and then everything was fine.

It mentions in the calibre manual that you should enable HTTPS on the content server for maximum security. How do you do this? I know I need to put something into Preferences > Sharing over the net > Advanced but not sure where and how to get the path to the HTTPS certificate. I'm using Chrome as my browser. Any help with this would be appreciated.

Thanks,

Inukami
Inukami is offline   Reply With Quote
Old 07-07-2018, 02:05 PM   #2
gbm
Wizard
gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.
 
Posts: 1,459
Karma: 5435106
Join Date: Jun 2010
Device: Windows 10 tablet,Hisence Sero 7 Pro RIP, Nook STR, jetbook lite
You will need to get a certificate first--this is the hard part. Start here. Now you are on your own.

You will probably want to use the Certbot ACME client.

bernie
Quote:
Originally Posted by Inukami View Post
So I have managed to set up my content server over the internet with passwords as per the instructions HERE. I had to enable port forwarding on my router (iiNet) and also enable port forwarding with my provider and then everything was fine.

It mentions in the calibre manual that you should enable HTTPS on the content server for maximum security. How do you do this? I know I need to put something into Preferences > Sharing over the net > Advanced but not sure where and how to get the path to the HTTPS certificate. I'm using Chrome as my browser. Any help with this would be appreciated.

Thanks,

Inukami
gbm is offline   Reply With Quote
Old 07-17-2018, 08:55 AM   #3
Inukami
Zealot
Inukami began at the beginning.
 
Inukami's Avatar
 
Posts: 103
Karma: 10
Join Date: Jun 2017
Location: Australia
Device: Mac OS X, iPad Mini 4, iPhone 6, iBooks, Kindle for Mac & PC
Quote:
Originally Posted by gbm View Post
You will need to get a certificate first--this is the hard part. Start here. Now you are on your own.

You will probably want to use the Certbot ACME client.

bernie
Thanks for this. It seems to be fairly straight forward (instructions are good) once you know the server software and the system which I have no idea. Any help with the first part would be appreciated.

Apache & Ubuntu?

Inukami
Inukami is offline   Reply With Quote
Old 07-17-2018, 09:03 AM   #4
kovidgoyal
creator of calibre
kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.
 
kovidgoyal's Avatar
 
Posts: 33,727
Karma: 10215946
Join Date: Oct 2006
Location: Mumbai, India
Device: Various
Any linux distro is fine. I would recommend nginx rather than apache for th eserver (a bit easier to configure). And see https://manual.calibre-ebook.com/server.html for how to integrate the calibre server into nginx.
kovidgoyal is offline   Reply With Quote
Old 08-15-2018, 09:23 AM   #5
jlosito
Junior Member
jlosito began at the beginning.
 
Posts: 4
Karma: 10
Join Date: Aug 2018
Location: New Jersey, USA
Device: iPad
I've been trying to do this myself, but I'm strictly using command line tools and am experiencing some trouble. I have my systemd unit file and my certificate from letsencrypt. My unit file is below.

Code:
  1 [Unit]
  2 Description=Calibre Content Server
  3 After=network.target
  4 
  5 [Service]
  6 Type=simple
  7 PIDFile=/var/run/calibre-server.pid
  8 User=jlosito
  9 Group=jlosito
 10 ExecStart=/opt/calibre/calibre-server \
 11         --port 8081 \
 12         --userdb /srv/calibre/users.sqlite \
 13         --enable-auth \
 14         --access-log /var/log/calibre/access-log \
 15         --log /var/log/calibre/log \
 16         "/run/media/jlosito/7022f255-e61e-43f3-a5a9-216d5559fc84/Calibre Library"
 17 
 18 [Install]
 19 WantedBy=multi-user.target
When I add the following two lines to the unit file in ExecStart, everything breaks.

Code:
 16         --ssl-keyfile /etc/letsencrypt/live/losito.ddns.net/privkey.pem \
 17         --ssl-certfile /etc/letsencrypt/live/losito.ddns.net/fullchain.pem \
I noticed an error in the logs. It reads as the following:

Quote:
Unhandled exception in state: State: do_ssl_handshake Client: 192.168.1.1:40352 Request: WebSocketConnection
Traceback (most recent call last):
File "site-packages/calibre/srv/loop.py", line 569, in tick
File "site-packages/calibre/srv/loop.py", line 177, in do_ssl_handshake
SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:590)
I'm really stuck and have no idea what to do. Is it required to set up a reverse proxy using nginx or apache?

jlosito is offline   Reply With Quote
Old 08-15-2018, 10:55 AM   #6
gbm
Wizard
gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.
 
Posts: 1,459
Karma: 5435106
Join Date: Jun 2010
Device: Windows 10 tablet,Hisence Sero 7 Pro RIP, Nook STR, jetbook lite
Quote:
Originally Posted by jlosito View Post
I've been trying to do this myself, but I'm strictly using command line tools and am experiencing some trouble. I have my systemd unit file and my certificate from letsencrypt. My unit file is below.
Spoiler:

Code:
  1 [Unit]
  2 Description=Calibre Content Server
  3 After=network.target
  4 
  5 [Service]
  6 Type=simple
  7 PIDFile=/var/run/calibre-server.pid
  8 User=jlosito
  9 Group=jlosito
 10 ExecStart=/opt/calibre/calibre-server \
 11         --port 8081 \
 12         --userdb /srv/calibre/users.sqlite \
 13         --enable-auth \
 14         --access-log /var/log/calibre/access-log \
 15         --log /var/log/calibre/log \
 16         "/run/media/jlosito/7022f255-e61e-43f3-a5a9-216d5559fc84/Calibre Library"
 17 
 18 [Install]
 19 WantedBy=multi-user.target
When I add the following two lines to the unit file in ExecStart, everything breaks.

Code:
 16         --ssl-keyfile /etc/letsencrypt/live/losito.ddns.net/privkey.pem \
 17         --ssl-certfile /etc/letsencrypt/live/losito.ddns.net/fullchain.pem \
I noticed an error in the logs. It reads as the following:



I'm really stuck and have no idea what to do. Is it required to set up a reverse proxy using nginx or apache?

EDIT
What OS and version?


Try putting the certfile first:
Code:
 --ssl-certfile /etc/letsencrypt/live/losito.ddns.net/fullchain.pem \
 --ssl-keyfile /etc/letsencrypt/live/losito.ddns.net/privkey.pem \
If that does not work then next try coping your certificate files to /opt/calibre, then change the path for them to:
Code:
 --ssl-keyfile /opt/calibre/fullchain.pem \
      --ssl-certfile/opt/calibre/privkey.pem \

bernie

Last edited by gbm; 08-15-2018 at 11:00 AM.
gbm is offline   Reply With Quote
Old 08-16-2018, 02:53 AM   #7
kovidgoyal
creator of calibre
kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.kovidgoyal ought to be getting tired of karma fortunes by now.
 
kovidgoyal's Avatar
 
Posts: 33,727
Karma: 10215946
Join Date: Oct 2006
Location: Mumbai, India
Device: Various
That error indicates youa re sending an http request to an http server. Use a URL of the form

https://server:port

Last edited by theducks; 08-16-2018 at 05:48 AM.
kovidgoyal is offline   Reply With Quote
Old 08-16-2018, 08:11 AM   #8
jlosito
Junior Member
jlosito began at the beginning.
 
Posts: 4
Karma: 10
Join Date: Aug 2018
Location: New Jersey, USA
Device: iPad
Quote:
Originally Posted by gbm View Post
EDIT
What OS and version?
Below is my OS.

Code:
$ lsb_release --all
LSB Version:	:core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch
Distributor ID:	CentOS
Description:	CentOS Linux release 7.5.1804 (Core) 
Release:	7.5.1804
Codename:	Core
Below is the server.

Code:
$ calibre-server --version
calibre-server (calibre 3.28)
Quote:
Try putting the certfile first:
Code:
 --ssl-certfile /etc/letsencrypt/live/losito.ddns.net/fullchain.pem \
 --ssl-keyfile /etc/letsencrypt/live/losito.ddns.net/privkey.pem \
I tried that, but everything works after following @kovidgoyal advice. He hit it right on the head when he stated the following statement.

Quote:
That error indicates youa re sending an http request to an http server. Use a URL of the form
If I enable SSL in the service file, then I have to explicitly use https in the browser. Exactly like he said.

So I think it's somewhat wanted to use a proxy using Apache or Nginx out of convenience. As per Goyal's advice. I think I'm going to try to use Nginx.

Furthermore, I want to thank you all for replying and maintaining this project. I absolutely love it.

Last edited by jlosito; 08-18-2018 at 10:38 AM.
jlosito is offline   Reply With Quote
Old 12-03-2018, 05:54 PM   #9
soniabu
Member
soniabu began at the beginning.
 
Posts: 12
Karma: 10
Join Date: Nov 2018
Device: tablet
Quote:
Originally Posted by kovidgoyal View Post
That error indicates youa re sending an http request to an http server. Use a URL of the form

https://serverort
Great Kovidgoyal: thxs.
I managed to connect from another terminal in the LAN to the server via https. So it works with the certificate I created with openssl: well.
However, the error it indicates is abstruse!
It is not absolutely clear where it indicates to provide https instead of http.
Anyway well so.
The only test I still can't solve is the connection to the Calibre server via the Internet. While giving the command https://my public IP: port
firefox replay: Unable to connect.
anyway thanks Kovidgoyal.
sonia
P.S.
Maybe it is necessary to install Nginx to connect via the internet?

Last edited by soniabu; 12-03-2018 at 06:08 PM.
soniabu is offline   Reply With Quote
Old 12-05-2018, 03:16 PM   #10
soniabu
Member
soniabu began at the beginning.
 
Posts: 12
Karma: 10
Join Date: Nov 2018
Device: tablet
Calibre Web Server

Friends I can not connect from the internet to the web content of Calibre.
I always get this error when I enter: https://89.30.10.190:9090

Secure Connection Failed

The connection to 89.30.10.190 was interrupted while the page was loading.

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem.

try again
but the strange thing is that it does not allow me to skip the notification - with the adwanced button, that would allow me to confirm the exception as happens with the use of a LAN terminal.
Can someone suggest some solution to me?
thx sonia

Last edited by soniabu; 12-05-2018 at 03:18 PM.
soniabu is offline   Reply With Quote
Old 12-05-2018, 04:25 PM   #11
gbm
Wizard
gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.gbm ought to be getting tired of karma fortunes by now.
 
Posts: 1,459
Karma: 5435106
Join Date: Jun 2010
Device: Windows 10 tablet,Hisence Sero 7 Pro RIP, Nook STR, jetbook lite
Quote:
Originally Posted by soniabu View Post
Friends I can not connect from the internet to the web content of Calibre.
I always get this error when I enter: https://89.30.10.190:9090

Secure Connection Failed

The connection to 89.30.10.190 was interrupted while the page was loading.

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem.

try again
but the strange thing is that it does not allow me to skip the notification - with the adwanced button, that would allow me to confirm the exception as happens with the use of a LAN terminal.
Can someone suggest some solution to me?
thx sonia
You will need to manually install your cert into your blower.

e.g Firefox.

https://wiki.wmtransfer.com/projects...ozilla_Firefox

bernie
gbm is offline   Reply With Quote
Old 12-05-2018, 04:40 PM   #12
soniabu
Member
soniabu began at the beginning.
 
Posts: 12
Karma: 10
Join Date: Nov 2018
Device: tablet
thx gmb, Ill try.
sonia
soniabu is offline   Reply With Quote
Old 12-05-2018, 04:58 PM   #13
soniabu
Member
soniabu began at the beginning.
 
Posts: 12
Karma: 10
Join Date: Nov 2018
Device: tablet
Quote:
Originally Posted by gbm View Post
You will need to manually install your cert into your blower.

e.g Firefox.

https://wiki.wmtransfer.com/projects...ozilla_Firefox

bernie
Bernie,
was already included in firefox
thx again but nothing to do
I have a doubt.
To perform the test on the my public ip address, I login with the same PC on which I have the content server calibre. Can all this be done?
I mean: can I access my public address from the same PC that's reachable from that public address?
sonia

Last edited by soniabu; 12-05-2018 at 05:29 PM.
soniabu is offline   Reply With Quote
Reply

Tags
calibre, content server, https

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Is there any way to enable 'report content error' and 'share' option on ebook? VósMicêSama ePub 13 11-08-2016 06:34 PM
Content server on ubuntu 12.04 headless server ImageMagick: libltdl.so.7 Cool Javelin Calibre 5 04-08-2015 03:20 AM
Calibre Content Server and Windows Home Server 2011 HughMcC Calibre 8 10-01-2014 08:26 AM
ebook-convert “Enable sharing of book content” laurent68 Conversion 1 09-23-2014 08:08 AM
500 Internal Server Error accessing content server Calibre 0.8.8 DaddyO57 Calibre 1 07-20-2012 07:08 PM


All times are GMT -4. The time now is 07:53 AM.


MobileRead.com is a privately owned, operated and funded community.