8 Replies Latest reply on Sep 12, 2007 7:16 PM by gbobeck

    SSL Support

      It would be exceptionally nice if Clearspace supported SSL encryption (https).  This would provide an optional, but very handy extra layer of security as well as another means of authentication.

        • Re: SSL Support
          Magpie

          Is this just not a configuration function of what ever web/web server application you are deploying on? Assuming you have a SSL certificate for the domain your using.

          • Re: SSL Support

            hi gbobeck,

             

            What version (war, standalone, etc) of Clearspace are you using?  Are you using it in conjunction with a webserver like Apache or IIS? 

             

            Cheers,

             

            AJ

              • Re: SSL Support

                 

                I am currently using the standalone version of Clearspace in conjunction with Apache. 

                 

                 

                To be honest, I never really thought about using the various Apache modules (as suggested by more than one post in this thread).  I'll have to look into it.

                 

                 

                  • Re: SSL Support

                    Yeah, if you're using Clearspace standalone with Apache you'll actually have to look at the Apache modules to get SSL, although I'm wondering if there's something we can do for administrators who want to use Clearspace standalone without Apache to make it easy to use SSL out of the box.

                     

                    Just because I'm curious, why did you choose to use Apache in front of the standalone Clearspace instance?  (it's likely the right thing to do, but I'm interested in your reasons for doing so)

                     

                    Cheers,

                     

                    AJ

                      • Re: SSL Support
                        Curtis Gross

                        If he is using the standalone (not the .exe) that comes with tomcat.

                         

                        http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html

                         

                        Tomcat supports SSL & can be set to use it without having Apache or some other web-server in front if it.

                        • Re: SSL Support
                          ajohnson1200 wrote:

                          <div class="jive-quote">

                          ...

                           

                          Just because I'm curious, why did you choose to use Apache in front of the standalone Clearspace instance?  (it's likely the right thing to do, but I'm interested in your reasons for doing so)

                           

                          ...

                          </div>

                           

                          No exceptionally good reason... Clearspace ended up being deployed on the same machine which was running Openfire and Apache (needed to have a few simple pages which stated how to configure Gaim for use with Openfire).  Soon afterward, we noticed our end users didn't like having to type the whole "www.example.com:8080/clearspace" address, so we set up a simple rewrite rule to shorten it to "www.example.com/clearspace" and keep it somewhat hidden from our end users.

                           

                           

                    • Re: SSL Support
                      it2000

                      Hi,

                       

                      I'd use Apache working as a reverse proxy with mod_ssl and mod_proxy to terminate SSL, it's usually much better to terminate SSL on a web server and not within the application server to share the load. Apache with mod_security will give you some more security options.

                       

                      LG