RechercheTech / mss

Main MSS feature tracking repo. Also the place for default MSS issues fallinng under no other repo.
1 stars 3 forks source link

Enable HTTPS #99

Closed cyberorg closed 3 years ago

cyberorg commented 4 years ago

New browsers do no allow connection to http, MSS will need to enable https in it's nginx configuration.

https://www.techrepublic.com/article/how-to-enable-ssl-on-nginx/

in place of /etc/nginx/sites-available/example.com edit /etc/nginx/sites-enabled/mss.conf with the following:

server { listen 80 default_server; listen 443 ssl; listen [::]:443 ssl; include snippets/self-signed.conf; include snippets/ssl-params.conf; root /var/www/html; location / {

mssupdate script will have to be created with the self signed certificate and all needed files.

Browser will complain because of self signed certificate, the the user will have to give exception for this certificate one time. Using IP works using http, e.g. http://IP or http://server.local

cyberorg commented 4 years ago

Please apply this fix in post for all new installations and on customer devices.

mssupdate https://repo.myscoolserver.com/fixes/ 20200502-fixhttps

intelliant01 commented 4 years ago

Had thought about this possibility.

There are many concerns and possible solutions discussed herein.

intelliant01 commented 3 years ago

Firefox has it optional and this can easily be toggled with a switch in the settings.

image

intelliant01 commented 3 years ago

@cyberorg Close if you agree, else state why it is worth keeping it open for now.