How to enable SSL in docker with nginx hosted in Ubuntu - apache

I have a web application that's running inside a docker container.
It's written in Play Framework. My host is an Ubuntu 16.04 server with apache. Docker application use the nginx server. The port 443 is directed to that container. SSL in my Apache server is turned off. Now when i try visiting my domain with https the browser give the warning which is annoying.
So i got some free certificates from sslforfree.com and used it with the docker application but still the warnings come up. Do i need to use those certificates in the apache server too?

Yes.
Your browser speaks with Apache server trying to establish an SSL communication at first, then Apache will try to forward the request to your docker container.
So, indeed, it's only mandatory to secure your Apache instead of the container to have the browser not complaining.

Related

unable to configure tomcat 8.5.57 webserver for https on ubuntu 18.04

I have installed tomcat on ubuntu 18.4. post default installation and jave home configurations able to see webserver page as response for http://:8080.
Later generated keystore and updated the details in conf/server.xml to enable https. Even after this am not getting tomcat default page with https, though getting web page over http / 8080 port.
Any pointer to debug / enable https on tomcat.?
Is Apache tomcat version 8.5 compatible with Ubuntu 18.04 version.?
After reviewing the server.xml, connector node for https was made with smaller case. was not aware of it as case sensitive. after making appropriate changes able to access https also.

Gitlab-ee external url is not working

I installed gitlab-ee on my ubuntu 16.04 server hosted with AWS. I am not able to launch gitlab using the external url that is mentioned in gitlab.rb file. I have apache as default webserver. I used a subdomain as external url. But when i launch that url, it is still landing on default apache page and not using nginx to launch gitlab. How to solve this issue?
Apache and Nginx will probably try to use the same ports (80 & 443). The first started, in your case Apache, will start normally, but the second will not initialize properly as two programs can not listen together on the same ports.
Confirm with the command sudo gitlab-ctl status nginx. This will return the status of the integrated nginx instance.
If it is stopped, stop apache and then start nginx using sudo gitlab-ctl start nginx.

How to have node and django running under one SSL server?

is there a way to solve this:
there is a domain example.com, on port 80 it redirects to 443 so it's always SSL connection and it passes to uwsgi via nginx. Now sockets run via a node connection on example.com:3000.
Is there an easy way to have that example.com:3000 run as SSL? The reason why is that Chrome gives a warning that the site includes resources that are not SSL.
I created another server in nginx, with the same domain listener but for different ports and passed the info through to node, and made that port SSL.

socket.io with Apache Tomcat

I am using node.js server and implemented socket.io.
It works fine, but for some reason, I have to use Apache Tomcat, running on port 8080, and the node server running on 8081.
If I run the application via :8081 (serving pages through node.js), socket.io (socket.io is listening to 8081 port) is working, but when I serve through Apache Tomcat running application via :8080/Demo_Pro/index.html, socket.io is not working.
Can anybody explain how to run both Apache Tomcat and node.js at the same time.
You should look on google on how to host node.js and apache at the same time. You'll find that you'll have to use mod_proxy to proxy requests through apache. (node.js needs to be on another port). Look at this link: how to put nodejs and apache in the same port 80. It'll give you an idea on how to do it.

How do ensure that Apache AJP to Tomcat connection is secure/encrypted?

We want to front-end our Tomcat instance with an Apache instance (running on the same machine) that will be serving everything on HTTPS and connect Apache to Tomcat using AJP. When using AJP, do we need to do anything to make sure that the connection between Apache and Tomcat is secure? (We dont want passwords to be sniffable on the network between Apache and Tomcat). The O/S is Red Hat Enterprise Linux 6.3
You are saying
Tomcat instance with an Apache instance (running on the same machine)
and later you are saying
We dont want passwords to be sniffable on the network between Apache and Tomcat
This just contradicts each other.
EDIT: AJP is not designed to be secure, if you need security, use mod_proxy_http and proxy over https, or create SSH tunnel. Needless to say, you will have to pay for this overhead.
When using AJP you cannot do anything to ensure it is secure. It isn't. There is no SSL version. You would have to use HTTPS. AJP is designed for the usual case where HTTPD and Tomcat are in the same private LAN and security isn't an issue.