Configuring SSL for the web-based management interface

Settings->Application

SSL-setup.jpg

Enable SSL

This setting enables or disables SSL support for the web-based management interface.

To enable SSL, the following is needed:

  • A self-signed SSL certificate, or
  • A CA-issued SSL certificate

The certificate and key files must be less than 4KB and must have a .crt, .pem or .key file extension.  The files should be accessible from the computer you are browsing on.  Once the appropriate certificate and key files have been selected, click upload-cert.jpg.  The browser window will show "offline".  It will then be necessary to browse to the secure JEDI One interface (https), i.e. https://192.168.1.6:9123.

To generate a self-signed SSL certificate, run the following command on the Raspberry Pi:

$sudo openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem

Use the resulting key and certificate files to configure the JEDI One SSL setup (as per above).  When browsing to JEDI One once SSL is enabled with a self-certificate, the browser will present a warning.  You can move through this warning since you created the certificate.   The certificate file can be imported into the browser beforehand, if desired. (Example: Firefox: Import Certificate)

Certificates from a Certificate Authority (CA) avoid these ominous browser warnings but do come with a cost.  (Example CA: GoDaddy)

 

 

 

Was this article helpful?
0 out of 0 found this helpful