Question #3486
closed
Why doesn't the Rudder webapp use https instead of http?
Added by Dennis Cabooter about 11 years ago. Updated about 9 years ago.
Description
The title says it all. :)
Updated by Matthieu CERDA about 11 years ago
- Tracker changed from Question to User story
- Project changed from Rudder to 34
- Status changed from New to 8
- Assignee set to Jonathan CLARKE
- Priority changed from N/A to 4
- Target version set to 2.6.0~rc1
Well, simply because we did not bundle an Apache configuration to do it, but I agree that this is a very common use case (actually, nearly everyone using Rudder in production uses HTTP/S), so we should enable HTTP/S in the base installation as well :)
Updated by Matthieu CERDA about 11 years ago
- Assignee changed from Jonathan CLARKE to Matthieu CERDA
Updated by Matthieu CERDA about 11 years ago
- Target version changed from 2.6.0~rc1 to 2.6.0
Updated by Jonathan CLARKE almost 11 years ago
- Target version changed from 2.6.0 to 2.6.1
Updated by Nicolas PERRON almost 11 years ago
- Target version changed from 2.6.1 to 2.6.2
Updated by Nicolas PERRON almost 11 years ago
- Target version changed from 2.6.2 to 2.6.3
Updated by Dennis Cabooter almost 11 years ago
Proposal:
- Change /etc/apache2/sites-enabled/rudder-default to /etc/apache2/sites-enabled/rudder-ssl
- Edit /etc/apache2/sites-enabled/rudder-ssl
#<VirtualHost *:80>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
- Create /etc/apache2/sites-enabled/rudder-default
<VirtualHost *:80> ServerName rudder Redirect permanent / https://rudder/ </VirtualHost>
Updated by Dennis Cabooter almost 11 years ago
For the certificates, you can use:
- a self-signed certificate, generated by Normation
- a machine provided snakeoil certificate, and then advise the user to possibly replace it with their own (self-signed) certificate
Updated by Nicolas PERRON almost 11 years ago
- Target version changed from 2.6.3 to 2.6.4
Updated by Nicolas PERRON over 10 years ago
- Target version changed from 2.6.4 to Ideas (not version specific)
Updated by Jonathan CLARKE over 10 years ago
- Tracker changed from User story to Question
- Assignee changed from Matthieu CERDA to Jonathan CLARKE
- Target version changed from Ideas (not version specific) to 2.8.2
As of Rudder 2.8.0, https is enabled and configured by default. See http://blog.normation.com/en/2013/11/20/rudder-goes-on-patrol-2-8-0/ for details.
Updated by Benoît PECCATTE about 9 years ago
- Project changed from 34 to Rudder
- Category set to Packaging