perfsonar-user - Re: [perfsonar-user] How to redirect 80 port ?
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Andrew Lake <>
- To: , Marco Saldarriaga <>
- Subject: Re: [perfsonar-user] How to redirect 80 port ?
- Date: Wed, 30 Sep 2020 15:12:38 -0400
Hi,
While you may find the FAQ sparse on details, it is accurate that you can follow the apache instructions to install an SSL certificate, there’s nothing special. We cleaned this up a couple years ago so it was easier for people. There are many users that have similar needs to install their own certificates, allow a stricter set of ciphers, etc. The toolkit tries to give people a sane set of defaults without getting in their way if they want to change things. To that end it does not touch the default ssl.conf file. It installs a file called /etc/httpd/conf.d/apache-perfsonar-security.conf which sets some globally scoped settings for the cipher, allowed tls version, etc. The default ssl.conf that ships with Apache creates a virtual host and any settings set inside the virtual host override the global settings in the apache-perfsonar-security.conf. It does NOT set the certificate, that is left to the ssl.conf file. Thus you should be able to follow the instructions for adding a Let’s Encrypt certificate on an Apache server and it should just work. Subsequent perfSONAR updates, etc should leave your configuration alone.
Thanks,
Andy
On September 30, 2020 at 2:27:20 PM, Marco Saldarriaga () wrote:
You can use Let's Encrypt certificates
Marco
On 2020-09-30 14:08, Mark Feit wrote:
">--writes: Problem is the following: here in ASNET we have policy and procedure for all servers, including SSL certificates. We where not sure if this procedure is compatible with PS Apache config, because in the doc we read: "see Apache doc for SSL...". It looks like the link in the FAQ isn't as useful as it once was; I'll make a note to do something about that. We don't do anything to Apache SSL-wise other than installing a self-signed certificate and setting /etc/httpd/conf.d/ssl.conf to use it. If the procedure you're using works for a stock Apache installation on other systems, it should do just fine on a perfSONAR node. --Mark
-- To unsubscribe from this list: https://lists.internet2.edu/sympa/signoff/perfsonar-user
To unsubscribe from this list: https://lists.internet2.edu/sympa/signoff/perfsonar-user
- [perfsonar-user] How to redirect 80 port ?, Arayik Manukyan, 09/29/2020
- Re: [perfsonar-user] How to redirect 80 port ?, Mark Feit, 09/29/2020
- Re: [perfsonar-user] How to redirect 80 port ?, eugene, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, Mark Feit, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, eugene, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, Mark Feit, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, Marco Saldarriaga, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, Andrew Lake, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, Marco Saldarriaga, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, Mark Feit, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, eugene, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, Mark Feit, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, eugene, 09/30/2020
- Re: [perfsonar-user] How to redirect 80 port ?, Mark Feit, 09/29/2020
Archive powered by MHonArc 2.6.19.