0

Background:

I have my personal website running on a lighttpd server on my raspberry pi. I have that server’s port (80) forwarded so it can be accessed publicly.

I’m in the process of making a project, and I want a node.js service to make requests to from the lighttpd server. I set up pm2 so the node.js server is always running. I have that port forwarded too (5000). I've verified that this server is working via postman and the browser

Problem:

I'm receiving the following error when making requests:

has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space private.

Of note; I have Access-Control-Allow-Private-Network:true in the response header and Access-Control-Request-Private-Network:true in the request header. The only other solution I've found that might fix this is getting an SSL cert for the lighttpd server and using https for it, however I'm struggling setting that up to see if it would work

Questions:

    1. Would getting an SSL cert for lighttpd allow me to make requests to my pm2 server?
    1. Is there a different solution?
    1. How secure is this setup? I don't expect a lot of traffic...
Bob Nearents
  • 13
  • 4
  • Setting up TLS with lighttpd: https://wiki.lighttpd.net/Docs_SSL#Quick-Start and https://wiki.lighttpd.net/HowToSimpleSSL – gstrauss Jun 17 '22 at 17:22
  • I was able to set up SSL on my lighttpd server, but still unable to make requests publicly. I realized my issue is that I'm trying to use multiple ports for separate domains, and you can't really do that. The best solution I've found is to set up a reverse proxy and use subdomains. Like this: https://serverfault.com/questions/1035991/setting-up-sub-domains-to-access-different-ports-on-specific-ip – Bob Nearents Jul 06 '22 at 19:24

0 Answers0