TheHive-Project / TheHive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform
https://thehive-project.org
GNU Affero General Public License v3.0

[Bug] #1343

Open aaronmartin1651 opened 4 years ago

aaronmartin1651 commented 4 years ago

THEHIVE SAYS LISTENING ON HTTPS BUT ONLY HTTP WORKING

Request Type

BUG

Work Environment

| Question | Answer |
|---|---|
| OS version (server) | Ubuntu |
| OS version (client) | Mac |
| TheHive version / git hash | 3.4.2-1 |
| Package Type | Docker |
| Browser type & version | Chrome |

Problem Description

Using a Docker install for TheHive 3 and Cortex 2 (separate machines). Everything is installed and connected, but I am trying to get https to work. In the docker-compose.yml I changed version from "2" to "3.2" and under volumes >

    - type: bind
      source: /opt/keystore/keystore.jks
      target: /etc/thehive/keystore.jks

Then in application.conf I added the section to permit https:

    https.port: 9443
    play.server.https.keyStore {
      path: "/etc/thehive/keystore.jks"
      type: "JKS"
      password: 'password'
    }

When I spin up the docker it says "Listening for https on 0.0.0.0:9443" but it appears to only be listening for http. I can't get the https page to load. Has anyone got a docker HTTPS running correctly?

crackytsi commented 4 years ago

Are you sure you exported the correct port(s) from the containers?

aaronmartin1651 commented 4 years ago

It does look like I didn't have the port open on docker. Now that it is open it is timing out. I believe I am passing the keystore into the container correctly but it keeps saying bad password. I even created a new keystore just to test it out and it still fails. I change docker-config to version 3.2 so I can pass bind commands, then I add this to docker-config.yml:

    - type: bind
      source: /opt/docker-compose/keystore.jks
      target: /etc/thehive/keystore.jks

The application.conf file contains the path to the keystore within the Docker (/etc/thehive/keystore.jks):

    https.port: 9443
    play.server.https.keyStore {
      path: "/etc/thehive/keystore.jks"
      type: "JKS"
      password:'password'
    }

It times out and the logs indicate that the password for the keystore is incorrect. I am guessing that I am passing the keystore in incorrectly in the docker-compose file, and it is using the application.conf settings to authenticate against an already existing keystore?
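
An added example (not part of the original thread, and not TheHive's own code): a preflight check for three mismatches between a compose service and application.conf that fit the symptoms reported above, namely an HTTPS port the container does not publish, a keystore path that is not a bind-mount target, and a single-quoted password, which HOCON (the format Play reads application.conf in) keeps as an unquoted string with the quote characters included. The service dictionary and config text are constructed samples modelled on the snippets quoted above; `conf_value`, `hocon_string` and `preflight` are hypothetical helper names.

```python
import re

# Constructed sample inputs modelled on the snippets quoted in the thread.
COMPOSE_SERVICE = {
    "ports": ["9000:9000"],  # constructed: 9443 is not published
    "volumes": [{"type": "bind",
                 "source": "/opt/docker-compose/keystore.jks",
                 "target": "/etc/thehive/keystore.jks"}],
}
APPLICATION_CONF = """
https.port: 9443
play.server.https.keyStore {
  path: "/etc/thehive/keystore.jks"
  type: "JKS"
  password: 'password'
}
"""

def conf_value(conf, key):
    """Return the raw text after `key:` or `key =`, or None if absent."""
    m = re.search(rf"^\s*{re.escape(key)}\s*[:=]\s*(.+?)\s*$", conf, re.M)
    return m.group(1) if m else None

def hocon_string(raw):
    """Strip double quotes only; HOCON keeps any other text verbatim
    as an unquoted string, single quotes included."""
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return raw[1:-1]
    return raw

def preflight(service, conf):
    """Return a list of mismatches between the compose service and the config."""
    findings = []
    port = conf_value(conf, "https.port")
    # The container port is the last field of "host:container[/proto]".
    published = {str(p).split(":")[-1].split("/")[0]
                 for p in service.get("ports", [])}
    if port and port not in published:
        findings.append(f"https.port {port} is not published by the container")
    path = hocon_string(conf_value(conf, "path") or "")
    targets = {v["target"] for v in service.get("volumes", [])
               if isinstance(v, dict)}
    if path and path not in targets:
        findings.append(f"keystore path {path} is not a bind-mount target")
    password = hocon_string(conf_value(conf, "password") or "")
    if len(password) >= 2 and password[0] == password[-1] == "'":
        findings.append("password is single-quoted: the quotes become part of the value")
    return findings
```

Calling `preflight(COMPOSE_SERVICE, APPLICATION_CONF)` on the constructed sample reports the unpublished port and the single-quoted password; the keystore path passes because it matches the bind target.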

nadouani commented 4 years ago

For https we recommend using a reverse proxy in front of TheHive.

aaronmartin1651 commented 4 years ago

Hm. OK, but since you need the Java Keystore for LDAP integration as well as the Java Truststore, the same problem poses itself. How do we get that keystore into the Docker implementation?

aaronmartin1651 commented 4 years ago

How do we get the trust store for LDAP? And if using a reverse proxy is recommended, why is this other method included in the documentation?