In case someone is interested in installing manager to run over SSL only. Here is how it is done on a Ubuntu server
- Install nginx:
sudo apt-get update
sudo apt-get install nginx
- Make sure nginx starts automatically on reboot:
sudo update-rc.d nginx defaults
This should be enbaled by default so you might get a message like:
System start/stop links for /etc/init.d/nginx already exist.
- Create a folder to hold your ssl certificate and create your self-signed ssl certificate:
sudo mkdir /etc/nginx/ssl
sudo openssl genrsa -out server.key 2048
sudo openssl req -new -key server.key -out server.csr
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
- Configure your redirect and bind manager’s port to use ssl by creating a proxy_pass redirect:
sudo nano /etc/nginx/sites-available/manager
Then paste the following content into the file before quitting and saving:
# access manager app on LAN and WAN over ssl on port 555
server {
listen 555 ssl;
server_name yourserver.com;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
# replace 12000 with your manager installation port here
location / {
proxy_pass http://127.0.0.1:12000;
}
# This takes care of redirecting the bad request made over http back to https on port 555
error_page 400 497 https://$host:555$request_uri;
}
- restart nginx:
sudo service nginx restart
If things go wrong for some reason and the service won't restart. Look at the error logs for nginx:
cat /var/log/nginx/error.log
- Visit your manager installation via your browser and enjoy the secure connection!
https://yourserver.com:555
and check that
http://yourserver.com:555
redirects you to:
https://yourserver.com:555