Open espressobeanies opened 6 years ago
cedricve
commented
6 years ago hmm, yeah but /etc/ is not writable. I'll create a PR for this. Can you explain me in a couple of bullets, how you want to achieve setting up your SSL connection. By the way we use Nginx.
espressobeanies
commented
6 years ago Hi Cedric,
I was thinking more of a self-signed certificate for the web interface to encrypt the connection so that login credentials aren't sent via clear-text.
onshisan
commented
6 years ago Hello all,
I'm not an expert but have seen this matter discussed on other projects. One option is as follows:
https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/
onshisan
commented
6 years ago (PS: I really like this project, congratulations @cedricve!)
cedricve
commented
6 years ago thanks for sharing @onshisan, we need to implement this!
espressobeanies
commented
6 years ago Cedric, I did some testing on my KiOS install (v2.6.0) and found that in order for SSL in NGINX to work, the "ngx_http_ssl_module" needs to be added. Otherwise it won't read any of the "ssl..." directives in '/etc/nginx/nginx.conf'. If you were going to look at doing an automated process to generate SSL certs, the 'openssl' package also needs to be present as well. Thanks.
cedricve
commented
6 years ago @espressobeanies thanks for sharing! can we create a PR to integrate this in KiOS? https://github.com/kerberos-io/kios/blob/master/package/nginx/nginx-php.conf
OS: KiOS v2.6.0 Platform: Raspberry Pi 2
I'm not sure what the operating system KiOS is using, however I need a way to set an SSL certificate for the UI login. I'm not seeing any Apache or NGINX config files to modify. There is an SSL directory in /etc/.