Standalone SSL issue: can’t do it work

Hello,
I d the same post on linux section buI i think here is abetter place. Just 4 months ago i bought xojo and now i have my first web app ready. I am not very familiar with Ubuntu 16.04 but i have own a vs on digitalocean for testing purposes. The problem is that although the letsencrypt certificate is installed (i condfirmewd using a SSL tester site), i have problem to make my domain running my standalone app, secured. I have followed the instruction on xojo for standalone SSL but still no luck. The same happens with the web example SSLTest… both are running on the IDE port but not at all on the secured port i have defined. So i m facing a deadend. Is there something i have not done or a xojo colleague that can give a hand on the matter?
Regards
Michael

Can you give more information on what you did and what is not working?

If you have a website with SSL is easier to create a .cgi app. I did that for the first time and the only problem I found was the need to configure the cgi-bin directory that was disabled from my installation (not Xojo related but Apache).

Do you have a VPS on Digital Ocean?

digital ocean is only VPS (no shared platforms).

@Michael Batakis:

  • Which port is your app listening on? If you’re trying to use port 443, your app needs to be run from a privileged account to do that.
  • Have you opened the corresponding port in the firewall?

Thanks for the suggestions. However without doing anything the app works. Firefix say tht it listening to port 443 but my standalone app is configured to 9001 secured port. I have daemonised it. Maybe the problem was a lag in assigning the ip to my domain and make it usable. Now my app runs just entering my domain name on the browser without port defined. Thr only problem now is that checking how secure it is using a ssltesting site, i got reds apart from certification bar which is green, which means that i have a weak security. I would appreciate if anybody can help with it… In that case i could send a captured sceen of ssltesting site results…

Greg, i have not opened a sequred port 9001 on uninctu firewall however the app runs… any thoughts about?

If your browser is connecting on port 443 but the app is listening on port 9001, you must have another piece of software in between like Haproxy, Nginx, Apache forwarding requests to your app.

FWIW, That’s also where your security problem will be.

I got this tesitng my server on https://www.ssllabs.com/ssltest

Visit our documentation page for more information, configuration guides, and books. Known issues are documented here.
This server supports insecure cipher suites (see below for details). Grade set to F.
This server is vulnerable to the OpenSSL Padding Oracle vulnerability (CVE-2016-2107) and insecure. Grade set to F.
This server accepts RC4 cipher, but only with older protocols. Grade capped to B. MORE INFO »
This server does not support Forward Secrecy with the reference browsers. Grade capped to B. MORE INFO »
This server’s certificate chain is incomplete. Grade capped to B.

Is it possible to fix it on my own or I need hep from an advanced Linux Ubunctu user?

We really need to know more about your server configuration before moving forward.

Just to clarify:

When you build your web app to be uploaded to the server, how many files/folders are in the build folder and can you show me a list?

You said that you “followed the instruction on xojo for standalone SSL.” Could you point me to the instructions you used?

It would be helpful to look at the server. Please start a private conversation and send me the IP and url you are using to access your app.

I just created a private conversation with you, Greg…thank you for helping me!

Instructions taken from there:
http://developer.xojo.com/standalone-ssl

I make use of GraffitiSuite, so there are a lot in the build folder!

Thank you all guys who spend some time to help me solve my app’s issue. You help me a lot to make the penny dropped!