It couldn't be easier to add full direct SSL support. I have setup Jeff's
Chattanooga demo in git to listen on both secure and insecure ports. I have
also removed the need for a special secure boot file and now boot.js
detects if connection is http or https and automatically switches the
websocket protocol.
I added the following line to the gpr file:
with "../../ssl/gnoga_secure.gpr";
Then I added the following to chattanooga-ui.adb:
Gnoga.Server.Connection.Secure.Register_Secure_Server
(Certificate_File => "/home/dbotton/workspace/ssl/star_gnoga_com.crt",
Key_File => "/home/dbotton/workspace/ssl/star_gnoga_com.key",
Port => 8443,
Disable_Insecure => False);
Gnoga.Application.Multi_Connect.Initialize (Port => 8082);
That's it :)
This will allow you to reach the demo at http://chat.gnoga.com:8082 or at
https://chat.gnoga.com:8443
I also setup on the server (as before) an ssl proxy to the non-SSL port
8082 so that you can access the demo chat at https://chat.gnoga.com
The apache config looks like this:
<VirtualHost *:443>
ServerName chat.gnoga.com
ServerAdmin da...@botton.com
SSLEngine on
SSLCertificateFile /home/dbotton/workspace/ssl/star_gnoga_com.crt
SSLCertificateKeyFile /home/dbotton/workspace/ssl/star_gnoga_com.key
ProxyPass /gnoga ws://127.0.0.1:8082/gnoga
ProxyPass / http://127.0.0.1:8082/
ProxyPassReverse / http://127.0.0.1:8082/
ErrorLog ${APACHE_LOG_DIR}/gnoga.err.log
CustomLog ${APACHE_LOG_DIR}/gnoga.log common
</VirtualHost>
This gives you a complete example of SSL with Gnoga, both direct and proxy
methods.
See the FAQ for how to create fake ssl certs and some tips if purchasing an
SSL certificate and how to add the intermediate certificates.
David Botton
------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Gnoga-list mailing list
Gnoga-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/gnoga-list