6.4.0. heavy.conf setting

Follow

Иван Л

• January 24, 2023 16:16
• Edited

Hai, I have heavy.conf 

port = 6274

http-port = 6278

calcite-port = 6279

data = "/var/lib/heavyai"

null-div-by-zero = true

enable-logs-system-tables = true

allowed-import-paths = ["/"]

allowed-export-paths = ["/"]

[web]

port = 6273

frontend = "/opt/heavyai/frontend"

#enable-https = true

 

I want to run. 

servers-json = "/var/lib/heavyai/servers.json" wish 'enable-https': "trye"

enable-https = true

Without #, my container shuts down right after start

0

• 

  Candido Dessanti

  • January 31, 2023 09:52
  • Edited

  Hi,

  To enable https in Immerse, you need a certificate with a key.

  In this article, Setting-up-your-server-with-Let-s-Encrypt-certificates-using-Certbot is explained how to install and use certbot on Ubuntu, but it should work the same on other OS like macOS.

  Anyway, you can create a self-signed certificate using openssl with a simple command like that

  openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /var/lib/heavyai/mykey-selfsigned.pem -out /var/lib/heavyai/mycert-selfsigned.pem

  change the permissions to be sure that the file can be read from the server

  chmod a+rx /var/lib/heavyai/mykey-selfsigned.pem  /var/lib/heavyai/mycert-selfsigned.pem

  and then add the parameters to your heavy.conf file and restart the web server (or the container running the web server.

  enable-https=true
  cert = "/var/lib/heavyai/mycert-selfsigned.pem"
  key = "/var/lib/heavyai/mykey-selfsigned.pem "

  In both examples, the certificates have been placed into the /var/lib/heavyai directory because it is the default directory for docker or on-premise installation.
  
  Using self-signed certificates, the browser will warn you about some security issues, so you'll need to add an exception.
  
  For reference, I used the parameters to generate the certificate with openssl.
  
  
  Let me know if this configuration solve your issues

   

  0

  Comment actions Permalink
• 

  Иван Л

  • January 30, 2023 21:05

  Hello!

  openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /var/lib/heavyai/mycert-selfsigned.pem -out /var/lib/heavyai/mycert-selfsigned.pem

  this command creates var/lib/heavyai/mycert-selfsigned.pem

  I don't understand how to create

  mycert-selfsigned.crt"
  mycert-selfsigned.key"

  ?

  0

  Comment actions Permalink
• 

  Иван Л

  • January 31, 2023 04:07

  MacBook-Air-Ivan:~ ivanzaharov$ chmod a+rx /var/lib/heavyai/mycert-selfsigned.key /var/lib/heavyai/mycert-selfsigned.pem

  chmod: /var/lib/heavyai/mycert-selfsigned.key: No such file or directory

  0

  Comment actions Permalink
• 

  Candido Dessanti

  • January 31, 2023 09:54

  HI,

  I'm sorry I made some errors with copy and paste, which I have corrected in the original message.
  
  Now everything should be ok.

  0

  Comment actions Permalink
• 

  Иван Л

  • January 31, 2023 11:18

  https://localhost:6273/   start off

  Navigate to: http://localhost:6273

  ⇨ https server started on [::]:6273

  echo: http: TLS handshake error from 172.17.0.1:63600: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63602: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63604: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63606: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63608: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63610: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63612: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63618: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63620: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63622: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63624: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63626: remote error: tls: unknown certificate

  echo: http: TLS handshake error from 172.17.0.1:63628: remote error: tls: unknown certificate

  0

  Comment actions Permalink
• 

  Candido Dessanti

  • January 31, 2023 14:25
  • Edited

  Hi,

  The remote error is coming from your browser that's not accepting the certificate; you have to add an exception

  as an example with Chrome when I connect I have to click on Advanced
  
  

  and then clicking on Proceed on localhost

  This happens with self signed certificates, because the Certification Authority isn't trusted.

  0

  Comment actions Permalink
• 

  Иван Л

  • February 03, 2023 08:10

  Hello! This worked for me! Thank you!)

  0

  Comment actions Permalink

Please sign in to leave a comment.