1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

AWS EC2 Linux 2 configuration for new PayID protocol

Discussion in 'Apache' started by Zumturtle, Jun 24, 2020.

  1. #1
    Hi, my first post here.

    I'm new to Apache. Tried to learn as much as I can on my own, but have hit a brick wall.
    PayID is a new universal payment protocol just released - more details at payid dot org. The objective is to enable sending of a variety of payments using just one human-readable address, of the form user$example.com.

    I don't want to run a full PayID server, just serve my own domain which I set up on an AWS EC2 AMI Linux 2 t2.micro instance.
    Installed Apache 2.4 and ran Certbot to get SSL certificates for example.com and www.example.com. It happily serves my index.html page in a browser over the internet. SSL Labs gives both version of the domain A+. TLS 1.2 is the only HTTPS protocol accepted by my site. I also installed Node.js (latest stable version) and NVM.
    SEMrush
    I tried to follow Matt Hamilton's example: https://dev.to/hammertoe/static-serving-payid-address-1eac
    Edited httpd.conf along the lines he shows (only showing the non-standard sections here):

    <VirtualHost InstancePublicIP:80>
        DocumentRoot "/var/www/html/example.com"
        ServerName "example.com"
        ServerAlias "www.example.com"
    RewriteCond %{SERVER_NAME} =example.com [OR]
    RewriteCond %{SERVER_NAME} =www.example.com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
    </VirtualHost>
    
    <VirtualHost InstancePublicIP:443>
        DocumentRoot "/var/www/html/example.com"
        ServerName example.com
        ServerAlias www.example.com
    
        Header always set Strict-Transport-Security "max-age=63072000; preload"
    
        SSLEngine on
        SSLProtocol             all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
        SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-$
        SSLHonorCipherOrder     off
        SSLSessionTickets       off
    
        SSLCertificateFile "/etc/letsencrypt/live/example.com/fullchain.pem"
        SSLCertificateKeyFile "/etc/letsencrypt/live/example.com/privkey.pem"
    
        ErrorDocument 404 /404.html
    
        # PayID
        RewriteEngine On
        RewriteCond "%{HTTP_ACCEPT}" "application/xrpl-mainnet\+json"
        RewriteRule ^(.+) /.pay/$1.json [L]
       
    </VirtualHost>
    
    Code (ApacheConf):
    And in /var/www/html/example.com/.pay I have a file payme.json:

    {
      "addresses": [
        {
          "paymentNetwork": "XRPL",
          "environment": "MAINNET",
          "addressDetailsType": "CryptoAddressDetails",
          "addressDetails": {
            "address": "rVcktW*********************************"
          }
        }
      ],
      "payId": "payme$example.com"
      }
    Code (JavaScript):
    Permissions are set to 755 for the .pay folder and 644 for the json file.

    The HTTP to HTTPS rewrite seems to work. PayID mandates use of HTTPS, so it shouldn't be trying to access port 80 anyway.

    The problem is that Xumm, an app that is happy to send XRP to PayID addresses, will not recognise my payme$example.com address, whereas it recognises Matt's address and others. I also tried on a crypto exchange that uses PayID - still no joy, so it's not the Xumm app at fault.

    There is a PayID validator site: https://payidvalidator.com/
    Entering my address yields the following result:
    Validation Results
    Score 0%
    HTTP Status Code
    Value
    404
    Result
    Fail
    Message
    -
    Header Check / Access-Control-Allow-Origin
    Value
    Result
    Fail
    Message
    The header could not be located in the response.
    Header Check / Access-Control-Allow-Methods
    Value
    Result
    Fail
    Message
    The header could not be located in the response.
    Header Check / Access-Control-Allow-Headers
    Value
    Result
    Fail
    Message
    The header could not be located in the response.
    Header Check / Access-Control-Expose-Headers
    Value
    Result
    Fail
    Message
    The header could not be located in the response.
    Code (markup):
    It's a pretty comprehensive disaster! I must be doing something very wrong. Any help appreciated!
     
    Zumturtle, Jun 24, 2020 IP
    SEMrush
  2. Zumturtle

    Zumturtle Peon

    Messages:
    4
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    1
    #2
    Success!! I solved the problem by moving from AWS to GCP. Google Cloud enables TLSv1.3 whereas AWS is only on v1.2. It may also be necessary to enable HTTP2, but not sure about that.
     
    Zumturtle, Jun 28, 2020 IP