Support HTTPS - Githubissues

peterbraden commented 13 years ago

Creating a tracking ticket so I can keep all the research and planning related to this in one place.

Jellyfish currently doesn't support HTTPS, and a good stopgap until we get it working is to just let https traffic pass through. At the moment we seem to be closing https requests with an empty response (Chrome: Error 324 (net::ERR_EMPTY_RESPONSE))

To support HTTPS we need to address:

Certs. Jellyfish is essentially a man in the middle attack, so we need to self sign each host the proxy deals with and have a mechanism for the browser to accept the cert.

- Adding the https server port to each browser setup vars.

brianstarke commented 12 years ago

+1

MarcWeber commented 11 years ago

This issue is a big one - which is why I think it should even be mentioned in the README till HTTPS is supported. Its the only reason why I'm not even looking at this library at the moment.

MarcWeber commented 11 years ago

Well - you can still run everything behind a apache/nginx proxy, right? So you can still secure your web application easily..

admc / jellyfish

Support HTTPS #5