Project

General

Profile

Actions

Question #3486

closed

Why doesn't the Rudder webapp use https instead of http?

Added by Dennis Cabooter over 11 years ago. Updated almost 10 years ago.

Status:
Resolved
Priority:
4
Assignee:
Jonathan CLARKE
Category:
Packaging
Target version:
Regression:

Description

The title says it all. :)

Actions #1

Updated by Matthieu CERDA over 11 years ago

  • Tracker changed from Question to User story
  • Project changed from Rudder to 34
  • Status changed from New to 8
  • Assignee set to Jonathan CLARKE
  • Priority changed from N/A to 4
  • Target version set to 2.6.0~rc1

Well, simply because we did not bundle an Apache configuration to do it, but I agree that this is a very common use case (actually, nearly everyone using Rudder in production uses HTTP/S), so we should enable HTTP/S in the base installation as well :)

Actions #2

Updated by Matthieu CERDA over 11 years ago

  • Assignee changed from Jonathan CLARKE to Matthieu CERDA
Actions #3

Updated by Matthieu CERDA over 11 years ago

  • Target version changed from 2.6.0~rc1 to 2.6.0
Actions #4

Updated by Jonathan CLARKE over 11 years ago

  • Target version changed from 2.6.0 to 2.6.1
Actions #5

Updated by Nicolas PERRON over 11 years ago

  • Target version changed from 2.6.1 to 2.6.2
Actions #6

Updated by Nicolas PERRON over 11 years ago

  • Target version changed from 2.6.2 to 2.6.3
Actions #7

Updated by Dennis Cabooter over 11 years ago

Proposal:

- Change /etc/apache2/sites-enabled/rudder-default to /etc/apache2/sites-enabled/rudder-ssl

- Edit /etc/apache2/sites-enabled/rudder-ssl

#<VirtualHost *:80>
<VirtualHost *:443>
        ServerAdmin webmaster@localhost

        SSLEngine on
        SSLCertificateFile /etc/ssl/certs/server.crt
        SSLCertificateKeyFile /etc/ssl/private/server.key

- Create /etc/apache2/sites-enabled/rudder-default

<VirtualHost *:80>
  ServerName rudder
  Redirect permanent / https://rudder/
</VirtualHost>
Actions #8

Updated by Dennis Cabooter over 11 years ago

For the certificates, you can use:

- a self-signed certificate, generated by Normation
- a machine provided snakeoil certificate, and then advise the user to possibly replace it with their own (self-signed) certificate

Actions #9

Updated by Nicolas PERRON over 11 years ago

  • Target version changed from 2.6.3 to 2.6.4
Actions #10

Updated by Nicolas PERRON over 11 years ago

  • Target version changed from 2.6.4 to Ideas (not version specific)
Actions #11

Updated by Jonathan CLARKE almost 11 years ago

  • Tracker changed from User story to Question
  • Assignee changed from Matthieu CERDA to Jonathan CLARKE
  • Target version changed from Ideas (not version specific) to 2.8.2

As of Rudder 2.8.0, https is enabled and configured by default. See http://blog.normation.com/en/2013/11/20/rudder-goes-on-patrol-2-8-0/ for details.

Actions #12

Updated by Jonathan CLARKE almost 11 years ago

  • Project changed from 34 to Rudder
Actions #13

Updated by Jonathan CLARKE almost 11 years ago

  • Project changed from Rudder to 34
Actions #14

Updated by Jonathan CLARKE almost 11 years ago

  • Status changed from 8 to Resolved
Actions #15

Updated by Benoît PECCATTE almost 10 years ago

  • Project changed from 34 to Rudder
  • Category set to Packaging
Actions

Also available in: Atom PDF