Lets Encrypt

[jimmy.g...@gmail.com]

Would anyone have documentation on how to configure Let's Encrypt for ReviewBoard instance? I'm using Ubuntu 18.04 VM to deploy.

Thanks

[Danila Ladner]

Why would it be any different than any other web application using SSL/TLS certificates? Plenty on the internet, you can google if you don't want to read official docs.

On Mon, Sep 14, 2020 at 3:21 PM jimmy.g...@gmail.com <jimmy.g...@gmail.com> wrote:

Would anyone have documentation on how to configure Let's Encrypt for ReviewBoard instance? I'm using Ubuntu 18.04 VM to deploy.

Thanks

--
Supercharge your Review Board with Power Pack: https://www.reviewboard.org/powerpack/
Want us to host Review Board for you? Check out RBCommons: https://rbcommons.com/
Happy user? Let us know! https://www.reviewboard.org/users/
---
You received this message because you are subscribed to the Google Groups "Review Board Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard/781ba3f0-6d17-41ea-a8ea-bd69c0fc648bn%40googlegroups.com.

[Jimmy Griffin]

Didn’t see official documentation regarding Reviewboard and Let’s Encrypt; that’s why I’m asking the question. And who said I didn’t want to read the documentation? 

To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard/CA%2BLJM-VVotKjnMP%2BP1YeMjDPbT8ByYv%3DY8u%2B5cSdBgxO4%3DqXwA%40mail.gmail.com.

--

Jimmy Griffin

The information contained in this email may be confidential and/or legally
privileged. It has been sent for the sole use of the intended recipient(s).
If the reader of this message is not an intended recipient, you are hereby
notified that any unauthorized review, use, disclosure, dissemination,
distribution, or copying of this communication, or any of its content, is
strictly prohibited. If you have received this communication in error,
please contact the sender by reply email and destroy all copies of the
original message. Thank you.

[Christian Hammond]

Hi Jimmy,

I think it'd be a good idea for us to have some written docs on this! Let me add this to the task tracker.

Basically, Review Board relies on the web server (Apache, Nginx, whatever you choose) for the SSL handling. You can follow the standard Let's Encrypt instructions for Apache, and Review Board will Just Work (TM).

Okay, mostly. You may need to go into the Review Board admin UI -> General Settings and update the server URL to say "https://" instead of "http://". (Review Board tries to detect this, but it depends on the setup.)

Christian

To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard/CAFRHGrj-FxAN6sw5YoTbO8ubFppPo9DTRNLv3b7cd9LY7qcH5A%40mail.gmail.com.

--

Christian Hammond

President/CEO of Beanbag

Makers of Review Board

[Jimmy Griffin]

Thanks Christian, I will do that. 

To view this discussion on the web visit https://groups.google.com/d/msgid/reviewboard/CAE7Vnd%3D%2BiAzcvwg4s5F6TKzfAHJq3keP4H6GOhR4ZSL-ijj7ow%40mail.gmail.com.

[Paul Mansfield]

I used the standard apache2 ssl template with the LE files like this:

        SSLEngine on
        SSLCertificateFile      "/etc/ssl/example.com/example.com__fullchain.pem"
        SSLCertificateKeyFile   "/etc/ssl/example.com/example.com__privkey.pem"
        SSLCipherSuite          HIGH:!aNULL:!MD5

I have a small locked down machine running the LE tools, and also Hashicorp Vault. This machine has various cron jobs to renew certificates or access tokens, it can copy them to a Puppet server, and then all my nodes collect updated https cert and keys and reload their web server when they change.