Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add letsencript SSL signing to GVL auto config #7

Open
AndrewIsaac opened this issue Jan 16, 2017 · 2 comments
Open

Add letsencript SSL signing to GVL auto config #7

AndrewIsaac opened this issue Jan 16, 2017 · 2 comments

Comments

@AndrewIsaac
Copy link

Really a GVL deployment issue
Ben did the following to get SSL certs (RT#24819), need to automate.

  • installed letsencrypt (apt install letsencrypt)
  • generated a new cert that works for {www.,}genome.edu.au {www.,}gvl.org.au
  • updated nginx config to use the newly generated key and cert
  • added a renewal script at /usr/local/bin/renew_letsencrypt_cert
  • scheduled daily run of renewal script

After talking to Simon, I also added 301 redirects to:

  • encrypt all traffic
  • send all traffic to the canonical hostname, www.gvl.org.au
@AndrewIsaac
Copy link
Author

Noticed that GVL's are not using https, is this related?

@nuwang
Copy link
Member

nuwang commented Mar 17, 2017

Thanks, this is very useful. There is an option to enable https in cloudman, but that generates a self-signed certificate. As a result, you get warning about it not being trusted on first login. letsencrypt should solve that problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AndrewIsaac @nuwang