From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-0.7 required=5.0 tests=BAYES_00,NUMERIC_HTTP_ADDR
	autolearn=unavailable autolearn_force=no version=3.4.4
X-Received: by 10.182.165.132 with SMTP id yy4mr5047325obb.20.1420000097523;
 Tue, 30 Dec 2014 20:28:17 -0800 (PST)
X-Received: by 10.182.215.136 with SMTP id oi8mr368078obc.0.1420000097435;
 Tue, 30 Dec 2014 20:28:17 -0800 (PST)
Path: 
 border1.nntp.dca1.giganews.com!nntp.giganews.com!h15no19519213igd.0!news-out.google.com!qk8ni6425igc.0!nntp.google.com!h15no19519205igd.0!postnews.google.com!glegroupsg2000goo.googlegroups.com!not-for-mail
Newsgroups: comp.lang.ada
Date: Tue, 30 Dec 2014 20:28:17 -0800 (PST)
Complaints-To: groups-abuse@google.com
Injection-Info: glegroupsg2000goo.googlegroups.com; posting-host=73.46.72.234;
 posting-account=yiWntAoAAAC1KqC_shmxJYv07B9l6LNU
NNTP-Posting-Host: 73.46.72.234
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <1343c80d-bfb6-46cc-8e09-fcb2f7106416@googlegroups.com>
Subject: Gnoga and SSL / https
From: David Botton <david@botton.com>
Injection-Date: Wed, 31 Dec 2014 04:28:17 +0000
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Xref: number.nntp.giganews.com comp.lang.ada:191609
Date: 2014-12-30T20:28:17-08:00
List-Id: <comp.lang.ada>

Gnoga works well with secure connections using Apache, NGINX, etc as a secu=
re proxy.

Here are some simple directions using Apache:

1) Create a self signed certificate for testing. Of course in production yo=
u may want to purchase a real certificate:

openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -keyout serv=
er.key -out server.crt -subj '/O=3DBotton/OU=3DGnoga/CN=3Dsnake.gnoga.com'

2) I added a config:

<VirtualHost *:443>
    ServerName snake.gnoga.com

    SSLEngine on
    SSLCertificateFile /workspace/ssl/server.crt
    SSLCertificateKeyFile /workspace/ssl/server.key

    ProxyPass /gnoga ws://127.0.0.1:8080/gnoga
    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>

3) You need to use a Gnoga boot loader based on gnoga/html/secure.html. So =
given the above you can use https://snake.gnoga.com/secure.html (Of course =
you could set secure.html as the boot loader in the snake example and then =
no need to specify on command line, that would also prevent insecure connec=
tions tried directly to circumvent the proxy).

Using ssl does create some overhead and so the snake demo gets a bit jumpy =
when run on an secure connection.

David Botton