search

MISP / x_old_misp_docker

MISP Docker (XME edition)
283 stars 166 forks source link

misp-proxy - HTTPS request redirect to HTTP response #4

Open pasket opened 6 years ago

pasket commented 6 years ago

Hi,

I'm trying to configure misp-proxy to ensure all is transmited securely using https. However, if you make a https request, it always respondes with http page. For example:

httpS://localhost redirects to http://localhost/users/login
httpS://localhost/users/logout redirects to http://localhost/users/login
...

One https request gets an http redirection.

I appreciate any help.

Thanks.

pasket commented 6 years ago

Hi,

I've been analyzing this issue and for the moment I'll work with this workarround. First thing, I don't need a reverse proxy jet, I just need to allow MISP access exclusively by HTTPS. So, I decided to focus on that and to configure misp-web image/container to serve HTTPS requests.

  1. Create a directory for the certificates and create using openssl
$ mkdir misp-web/ssl
$ cd misp-web/ssl
$ openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout misp-web.key -out misp-web.crt

  1. Change Apache configuration in order use only SSL. Do it in a separated file, I'll mount it later using docker-compose.

    $ cd ..
$ vim misp.conf
# <VirtualHost *:80>
#   ServerAdmin me@me.local
#   ServerName misp.local
#   DocumentRoot /var/www/MISP/app/webroot
#   <Directory /var/www/MISP/app/webroot>
#       Options -Indexes
#       AllowOverride all
#       Order allow,deny
#       allow from all
#   </Directory>
# 
#   LogLevel warn
#   ErrorLog /var/log/apache2/misp.local_error.log
#   CustomLog /var/log/apache2/misp.local_access.log combined
#   ServerSignature Off
#         Header set X-Content-Type-Options nosniff
#         Header set X-Frame-Options DENY
# </VirtualHost>

<VirtualHost *:443>
    ServerAdmin me@me.local
    ServerName misp.local
    DocumentRoot /var/www/MISP/app/webroot
    <Directory /var/www/MISP/app/webroot>
        Options -Indexes
        AllowOverride all
        Order allow,deny
        allow from all
    </Directory>

    LogLevel warn
    ErrorLog /var/log/apache2/misp.local_error.log
    CustomLog /var/log/apache2/misp.local_access.log combined

    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/misp-web/misp-web.crt
    SSLCertificateKeyFile /etc/ssl/certs/misp-web/misp-web.key

    ServerSignature Off
        Header set X-Content-Type-Options nosniff
        Header set X-Frame-Options DENY
</VirtualHost>

  2. Modify docker-compose to share https port and mount configuration file and the certificates

    $ cd ..
$ vim docker-compose.yml
    ...
ports:
  # - "80:80"
  - "443:443"
volumes:
  - ./misp-web/misp.conf:/etc/apache2/sites-available/misp.conf
  - ./misp-web/ssl:/etc/ssl/certs/misp-web
  ...
...

  3. Start docker-compose, just to create the container. MISP will not work yet. $ docker-compose up -d

  4. I don't really like this because it applies to the container and not to the image. We need to activate ssl and restart Apache.

    $ docker exec -it misp-web a2enmod ssl
$ docker exec -it misp-web service apache2 restart

  5. Ready. Check https://

guirkgumbo commented 3 years ago

Hey! Reaching out since this issue is the closest one to mine.

I am attempting to setup https only traffic with an ssl and have my misp server be available at a subdomain i.e.( misp.xxxx.com).

Updated the docker.compose.yml and apache2 config and ssl certs. The browser is happy with the domain name and says the certs are valid but when I login I get image

Any thoughts?