[Gnoga-list] Full SSL support now implemented and ready to run

Tue, 13 Jan 2015 17:32:56 -0800 

It couldn't be easier to add full direct SSL support. I have setup Jeff's
Chattanooga demo in git to listen on both secure and insecure ports. I have
also removed the need for a special secure boot file and now boot.js
detects if connection is http or https and automatically switches the
websocket protocol.

I added the following line to the gpr file:

with "../../ssl/gnoga_secure.gpr";

Then I added the following to chattanooga-ui.adb:

   Gnoga.Server.Connection.Secure.Register_Secure_Server
     (Certificate_File => "/home/dbotton/workspace/ssl/star_gnoga_com.crt",
      Key_File         => "/home/dbotton/workspace/ssl/star_gnoga_com.key",
      Port             => 8443,
      Disable_Insecure => False);

   Gnoga.Application.Multi_Connect.Initialize (Port => 8082);

That's it :)

This will allow you to reach the demo at http://chat.gnoga.com:8082 or at
https://chat.gnoga.com:8443

I also setup on the server (as before) an ssl proxy to the non-SSL port
8082 so that you can access the demo chat at https://chat.gnoga.com

The apache config looks like this:

<VirtualHost *:443>
    ServerName chat.gnoga.com
    ServerAdmin da...@botton.com

    SSLEngine on
    SSLCertificateFile /home/dbotton/workspace/ssl/star_gnoga_com.crt
    SSLCertificateKeyFile /home/dbotton/workspace/ssl/star_gnoga_com.key

    ProxyPass /gnoga ws://127.0.0.1:8082/gnoga
    ProxyPass / http://127.0.0.1:8082/
    ProxyPassReverse / http://127.0.0.1:8082/

    ErrorLog ${APACHE_LOG_DIR}/gnoga.err.log
    CustomLog ${APACHE_LOG_DIR}/gnoga.log common
</VirtualHost>

This gives you a complete example of SSL with Gnoga, both direct and proxy
methods.

See the FAQ for how to create fake ssl certs and some tips if purchasing an
SSL certificate and how to add the intermediate certificates.

David Botton

------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Gnoga-list mailing list
Gnoga-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/gnoga-list

Reply via email to