Forum OpenACS CMS: forward port 80 to port 443 and upgrade to secure connection

Collapse
1: forward port 80 to port 443 and upgrade to secure connection
Posted by Vasily Sora on 11/08/18 01:54 AM
I'm wondering how to upgrade an insecure connection being made on port 80 and redirect to port 443 with naviserver? I'm doing a lot of work getting naviserver set up right before I install openacs.
Collapse
2: Re: forward port 80 to port 443 and upgrade to secure connection (response to 1)
Posted by Gustaf Neumann on 11/08/18 09:45 AM
The recommended way for upgrading from plain http to https is via HTTP Strict Transport Security (HSTS [1]); this is the setup e.g. at openacs.org.

Actually one should get this more or less out of the box, when installing OpenACS via [2]. After installing, install a certicfiate and activate https (i.e. uncomment "set httpsport ..." in the config file). The default config file openacs-config.tcl [3] is installed by [2] by default as /usr/local/ns/config-openacs-VERSIONNUMBER.tcl (e.g. openacs-5-9-1.tcl).

all the best
-g

[1] https://developer.mozilla.org/en-US/docs/Glossary/HSTS
[2] https://openacs.org/xowiki/naviserver-openacs
[3] https://bitbucket.org/naviserver/naviserver/src/default/openacs-config.tcl