On Fri, Dec 21, 2018 at 02:42:04PM -0600, horrido wrote: > Okay, I will dispense with the self-signed certificate and purchase a > commercial one, say, from Comodo (PositiveSSL).
Use Let's Encrypt-issued certificates, available without charge. Let's Encrypt's CA certificate is built-in trusted by all the major web browsers, meaning no action is required on the part of the web browser user when visiting a site over HTTPS with certificate issued by Let's Encrypt. Use Caddy as reverse proxy for your webapp. Caddy has transparent integration with Let's Encrypt: it generates/saves crypto keys, performs the Let's Encrypt protocol dances to request for and renew Let's Encrypt certificates, meaning no action is required on the part of the web site/app administrator after setting it up. Use Docker, which makes it easy to set up Caddy and your Pharo webapp. See my recent blog post: https://www.samadhiweb.com/blog/2018.12.09.https.html Pierce