By default, WebCentre is configured to use HTTP. The steps needed to get HTTPS working on WebCentre aren’t too complicated, but a basic understanding of how web security and certificates work is required.
We’ll assume you have a certificate for webcentre.yourdomain.com
(or a wildcard certificate for the *.yourdomain.com
).
Before starting, check your DNS is correctly configured, so that http://webcentre.yourdomain.
takes you to the (non-HTTPS) WebCentre page.
Your certificate should include a “.pem” certificate file, and a certificate key file (often a “.key” extension). Copy these to the nginx “conf” folder, C:\Program Files (x86)\Rascular\Rascular WebCentre\conf
On the WebCentre system, take a backup of the nginx.conf file, then edit it to add the yellow section, directly after the first listen and server_name commands.
Replace the green sections with the correct domain name, and the names of your certificate and key files.
listen 80; server_name webcentre.yourdomain.com localhost; listen 443 ssl; ssl_certificate webcentre.pem; ssl_certificate_key webcentre.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on;
You can optionally add this, which will automatically redirect HTTP request to HTTPS
if ($scheme = http) { return 301 https://$server_name$request_uri; }
Now restart the nginx service. If it won’t start, examine the logs/error.log
file which should contain details of the problem.
At this point, you should be able to point a browser at https://webcentre.yourdomain.
and see the HTTPS ‘padlock’ in the browser. If there’s no response from the server, check that port TCP 443 is open in your firewall to allow incoming HTTPS requests.
If you’ve enabled HTTPS on WebCentre, you’ll also need to use Secure WebSockets to control RouteMaster. Your browser won’t let you use the non-secure protocol from a secure page.