Open FreddieAkeroyd opened 2 years ago
potentially just need to do this:
http_server = tornado.httpserver.HTTPServer(application, ssl_options={
"certfile": "/var/pyTest/keys/ca.csr",
"keyfile": "/var/pyTest/keys/ca.key",
})
in https://github.com/ISISComputingGroup/JSON_bourne/blob/master/webserver.py#L92-L94
If somebody shows me where the cert and key are I'd happily just FR that
It is IIS so was installed as per https://www.digicert.com/kb/csr-creation-ssl-installation-iis-10.htm however the cer i was sent didn't work and i had to import it "PKCS#7, PEM encoded". I am not sure where the private key is, we'll need to look at some more docs...
Manged to extract certificates from server, briefly tested and it seems to work though it upsets existing web dashboards until they are restarted/cached cleared. It seems the browsers cache the javascript and don't check if it has changed, hence don't notice the swap to https on 60000. So we'll need to coordinate with a post to scientists. Alternative would be to setup a new port for https, but we'd need to get it opened at firewall etc. so easier just to get people to reset browsers
Dashboards all seem to be working ok for me on https; can this issue be closed?
The web dashboards (dataweb.isis.rl.ac.uk) does not currently support
https
access, this looks to be causing issues with eduroam in some circumstances. I added a certificate to the server but if you access'https://dataweb.isis.rl.ac.uk/IbexDataweb/default.html?Instrument=larmor
in chrome with the developer tools debug console you getjson bourne serves information from port 60000 but not in secure format.
Though the issue was reported by an isis scientist connected externally via eduroam, we have been having strange issues with local visitors on eduroam being unable to connect to dashboards. This may resolve that too.
Acceptance criteria