6.4.0. heavy.conf setting
Hai, I have heavy.conf
-
Hi,
To enable https in Immerse, you need a certificate with a key.
In this article, Setting-up-your-server-with-Let-s-Encrypt-certificates-using-Certbot is explained how to install and use certbot on Ubuntu, but it should work the same on other OS like macOS.
Anyway, you can create a self-signed certificate using openssl with a simple command like that
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /var/lib/heavyai/mykey-selfsigned.pem -out /var/lib/heavyai/mycert-selfsigned.pem
change the permissions to be sure that the file can be read from the server
chmod a+rx /var/lib/heavyai/mykey-selfsigned.pem /var/lib/heavyai/mycert-selfsigned.pem
and then add the parameters to your heavy.conf file and restart the web server (or the container running the web server.
enable-https=true
cert = "/var/lib/heavyai/mycert-selfsigned.pem"
key = "/var/lib/heavyai/mykey-selfsigned.pem "In both examples, the certificates have been placed into the /var/lib/heavyai directory because it is the default directory for docker or on-premise installation.
Using self-signed certificates, the browser will warn you about some security issues, so you'll need to add an exception.
For reference, I used the parameters to generate the certificate with openssl.
Let me know if this configuration solve your issues -
Hello!
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /var/lib/heavyai/mycert-selfsigned.pem -out /var/lib/heavyai/mycert-selfsigned.pem
this command creates var/lib/heavyai/mycert-selfsigned.pem
I don't understand how to create
mycert-selfsigned.crt"
mycert-selfsigned.key"?
-
https://localhost:6273/ start off
Navigate to: http://localhost:6273
⇨ https server started on [::]:6273
echo: http: TLS handshake error from 172.17.0.1:63600: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63602: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63604: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63606: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63608: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63610: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63612: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63618: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63620: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63622: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63624: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63626: remote error: tls: unknown certificate
echo: http: TLS handshake error from 172.17.0.1:63628: remote error: tls: unknown certificate
-
Hi,
The remote error is coming from your browser that's not accepting the certificate; you have to add an exception
as an example with Chrome when I connect I have to click on Advanced
and then clicking on Proceed on localhost
This happens with self signed certificates, because the Certification Authority isn't trusted.
Please sign in to leave a comment.
Comments
7 comments