FYI for everyone is this thread.
We now have Cloudflare in the app-store which allows you to make apps accessible behind a public domain.
2 Likes
True, but for some apps are still needed https locally, even Cloudflare doing the tunneling.
1 Like
Doesnât the Cloudflare platform require a user account? If so, Iâd prefer something more anonymous.
2 Likes
Hello,
Seconding the request about https. Is it planned in the roadmap?
Unvelievable this is not yet a reality (and how this is not priority at all), sure itâs one of the reasons why some people migrate to Citadel
I need HTTPS locally to make my btcpayserver work with cloudflare.
why would you let us install apps that require local https, but then we cannot use. makes no sense
3 Likes
No, you donât. When you create the tunnel on Cloudflare, you have the option of making a http connection to localhost and port. BTCpayserver will accept this encrypted tunnel from Cloudflare and youâll get access to the full functionality. Your connection will be a https connection from your browser to your umbrel. The only unencrypted connection is between the Cloudflare service and the btcpayserver service, which only happens, and is contained to the localhost.
ntfy canât show desktop notifications because the web Notifications API requires HTTPS
3 Likes
I have created a app which would run Umbrel in https using self signed certificates. Check out this discussion
1 Like
You can always do it with an alias or an email not associated with your identity.
This is an interesting discussion.
People apparently donât know how TOR works. If youâve ever noticed, all .onion sites never use HTTPS. They only use HTTP. This is because they donât need to use SSL and instead use TORâs own encryption, and owners of .onion sites do not want to register a certificate, because going out and registering an SSL certificate with a Certificate Authority (CA) organization is the opposite of being anonymous when it comes to hosting your hidden service. Thatâs not up to Umbrel; itâs just how TOR works. Go browse the dark web sometime. Hereâs a Reddit thread on the subject.
https://www.reddit.com/r/TOR/comments/v4mtid
When it comes to HTTPS on your local network, it really would be nice to have the option of setting up an SSL certificate and enable HTTPS for Umbrel apps, as people have expressed here and other places. However, I can see why it wouldnât be enabled by default. Just like your local router or printer, going to a webpage on your LAN with HTTPS would have your browser give you a warning stating it doesnât have a certificate it recognizes (which you can skip), which your browser does for every site whose certificate hasnât been registered with a CA, something you donât do for non-public sites on your LAN.
Pretty sure this would be the case with or without HTTPS, if your Umbrel were vulnerable. HTTPS isnât a firewall. It just encrypts your traffic between computers.
Regardless, the option would be nice since itâs such as highly requested feature. Has there ever been a statement from the Umbrel team as to why theyâve opted to not add this as a feature by now?
This is not true. Simply doesnât work. Still throws a http error.