Sorry. I hit send a little early...
Let's Encrypt works on a challenge-response type thing, so the location you
end up at must be valid for read/write, which is why most people do it with
Apache or Nginx acting like a proxy. You do get a key and a cert, so you
could put them somewhere else, but it needs to be refreshed every 30 days,
so this is going to be a pain unless you can automate that yourself, and
you need to make sure the challenge gets routed to the correct place.
Cheers
Tim...
On Thu, Mar 5, 2020 at 6:58 PM Tim Hall <tim@xxxxxxxxxxxxxxx> wrote:
Hi.
Currently, you have to put something in front. Either a compute instance
acting as a reverse proxy, or a load balancer I guess. From what you've
said I assume you already know how to do this, but this is an example of
using Let's Encrypt.
https://oracle-base.com/articles/linux/letsencrypt-free-certificates-on-oracle-linux
I recently did this myself on the free tier. :)
I've heard tell that allowing a vanity URL for APEX is something in the
pipeline for the cloud database services, but I'm not sure how far the line
that is, and I'm not sure if it will support Let's Encrypt. I'm guessing
not.
Cheers
Tim...
On Thu, Mar 5, 2020 at 5:43 PM Ethan Post <post.ethan@xxxxxxxxx> wrote:
Chicken-egg problem here.
To use vanity urls in oracle cloud APEX I need a cert for the load
balancer. I can't generate a cert with Lets Encrypt unless I own the web
server. I could possibly generate a cert on another platform and then use
it. Maybe that is solution but not sure if cert is somehow tied to anything
I don't know about. Then refreshing the cert still becomes issue.
Is there a way to do above that I am missing? Maybe another free cert
provider?
The other option is to stand up a compute instance and install a web
server and use as reverse proxy to APEX. I see Dmitri Gielis's articles on
this and can do if required.
Thanks,
Ethan
e-t-h-a-n.com