PIXILAB Wiki

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
blocks:server:https [2019-08-23 07:59]
admin Removed path that's no longer needed and clarified some details 		blocks:server:https [2022-12-13 13:04]
admin Added OBSOLETE note
Line 1: Line 1:
 ===HTTPS=== ===HTTPS===
 +
 +:!: The method described here is **OBSOLETE**, and has been replaced by the [[blocks:server:nginx|nginx reverse proxy]] method. The method described below may still be useful server versions prior to 221214, however, which don't have the nginx reverse proxy solution.
  
 To make Blocks serve your content over HTTPS you have to add a certificate for your domain and configure Blocks to use it. Follow the steps below: To make Blocks serve your content over HTTPS you have to add a certificate for your domain and configure Blocks to use it. Follow the steps below:
  
-  - Place the certificateending with .p12in your PIXILAB-Blocks-root folder (located in the home directory of the user account under which you run the server).+  - Place the certificate (typically a file ending with .p12in your PIXILAB-Blocks-root folder (located in the home directory of the user account under which you run the server).
   - Open your Blocks server configuration file.   - Open your Blocks server configuration file.
   - Under server.applicationConnectors, make sure the settings shown below are configured as appropriate for your domain name and certificate.   - Under server.applicationConnectors, make sure the settings shown below are configured as appropriate for your domain name and certificate.
Line 11: Line 13:
 server: server:
   type: pixilab_server   type: pixilab_server
 +  requireHttps: true
   applicationConnectors:   applicationConnectors:
     - type: http     - type: http
-      port: 9080+      port: 8080
     - type: https     - type: https
-      port: 9443+      port: 8443
       keyStorePath: pixi.guide.p12       keyStorePath: pixi.guide.p12
       keyStoreType: PKCS12       keyStoreType: PKCS12
       keyStorePassword: ********       keyStorePassword: ********
       certAlias: 1       certAlias: 1
-    </code> +</code> 
-     + 
-  **keyStorePath**  is the path to the key store which contains the host certificate and private key. May be a relative path if stored under the PIXILAB-Blocks-root +  **keyStorePath**  is the path to the key store which contains the host certificate and private key. May be a relative path if stored under the PIXILAB-Blocks-root 
-  **keyStoreType** is the type of the key store used in the certificate, in our case "PKCS12" (aka "p12"). +  **keyStoreType** is the type of the key store used in the certificate, in our case "PKCS12" (aka "p12"). 
-  **keyStorePassword** is the password used to access the certificate file. +  **keyStorePassword** is the password used to access the certificate file. 
-  **certAlias** is the alias name given to the proper certificate in the file (as it may contain more than one)+  **certAlias** is the alias name given to the proper certificate in the file (as it may contain more than one)
 + 
 +The //requireHttps// option will enforce the use of HTTPS (except for unauthenticated Spots), preventing users from accidentally using the insecure http method. 
 + 
 +Once you have HTTPS working on your server, you may also want to switch to the [[blocks:server:form_authentication|form based login method]], since that method allows users to log out without having to close the web browser.