Thanks so much for all the information, this is a big help. Keith
On Wed, Dec 9, 2015 at 6:35 AM, helix84 <[email protected]> wrote: > > DSpace REST requires SSL, because the client could send the auth-token > to any request > > I'd add to that that not only tokens get sent via the connection, but > also passwords. Password authentication is currently the only > authentication method supported by dspace-rest. > > > What did you do to configure just REST running as SSL? > > Here's how you can configure a HTTPS connector in Tomcat: > https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html > > Alternatively, if you prefer setting up HTTPS in Apache HTTPD, you can > use mod_proxy_ajp to connect Tomcat with HTTPD: > https://wiki.duraspace.org/display/DSPACE/Running+DSpace+on+Standard+Ports > > If you're going to only run REST via HTTPS, it's fine to use > self-signed certificates. Otherwise I'd recommend you get a > certificate from a certificate authority. Let's encrypt is a free one > that just launched: > https://letsencrypt.org/ > > > Regards, > ~~helix84 > > Compulsory reading: DSpace Mailing List Etiquette > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > -- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/dspace-tech. For more options, visit https://groups.google.com/d/optout.
