This setting enables or disables SSL support for the web-based management interface.
To enable SSL, the following is needed:
- A self-signed SSL certificate, or
- A CA-issued SSL certificate
The certificate and key files must be less than 4KB and must have a .crt, .pem or .key file extension. The files should be accessible from the computer you are browsing on. Once the appropriate certificate and key files have been selected, click . The browser window will show "offline". It will then be necessary to browse to the secure JEDI One interface (https), i.e. https://192.168.1.6:9123.
To generate a self-signed SSL certificate, run the following command on the Raspberry Pi:
$sudo openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem
Use the resulting key and certificate files to configure the JEDI One SSL setup (as per above). When browsing to JEDI One once SSL is enabled with a self-certificate, the browser will present a warning. You can move through this warning since you created the certificate. The certificate file can be imported into the browser beforehand, if desired. (Example: Firefox: Import Certificate)
Certificates from a Certificate Authority (CA) avoid these ominous browser warnings but do come with a cost. (Example CA: GoDaddy)