From: David Botton <david@botton.com>
Subject: Gnoga and SSL / https
Date: Tue, 30 Dec 2014 20:28:17 -0800 (PST)
Date: 2014-12-30T20:28:17-08:00 [thread overview]
Message-ID: <1343c80d-bfb6-46cc-8e09-fcb2f7106416@googlegroups.com> (raw)
Gnoga works well with secure connections using Apache, NGINX, etc as a secure proxy.
Here are some simple directions using Apache:
1) Create a self signed certificate for testing. Of course in production you may want to purchase a real certificate:
openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout server.key -out server.crt -subj '/O=Botton/OU=Gnoga/CN=snake.gnoga.com'
2) I added a config:
<VirtualHost *:443>
ServerName snake.gnoga.com
SSLEngine on
SSLCertificateFile /workspace/ssl/server.crt
SSLCertificateKeyFile /workspace/ssl/server.key
ProxyPass /gnoga ws://127.0.0.1:8080/gnoga
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>
3) You need to use a Gnoga boot loader based on gnoga/html/secure.html. So given the above you can use https://snake.gnoga.com/secure.html (Of course you could set secure.html as the boot loader in the snake example and then no need to specify on command line, that would also prevent insecure connections tried directly to circumvent the proxy).
Using ssl does create some overhead and so the snake demo gets a bit jumpy when run on an secure connection.
David Botton
reply other threads:[~2014-12-31 4:28 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox