Adding SSL certificate to edx

[Realm]

Hi all,

We are running cypress release on Ubuntu 12.04. Can anyone show me how to install own SSL certificate to edx cms & lms platforms ?

thank you,

[Sven Marnach]

Hi,

this depends on your deployment process. You have to enable SSL for
whatever webserver you are using.

If you are using the edX configuration Ansible playbooks [1] for
deployment, you can set the following extra variables:

NGINX_ENABLE_SSL: True
NGINX_SSL_CERTIFICATE: <the path to the SSL certificate on the
machine that runs the playbook>
NGINX_SSL_KEY: <the path to the SSL key on the machine that runs
the playbook>

[1]: https://github.com/edx/configuration

Cheers,
--
Sven
@OpenCraft

> --
> You received this message because you are subscribed to the Google Groups
> "Open edX operations" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to openedx-ops...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/openedx-ops/6be8b1a2-cdac-4276-b060-4723ac450f5f%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

[Realm]

Hi,

I am not sure what deployment process was used, I just followed the manual installation from this link  https://github.com/edx/configuration/wiki/edX-Ubuntu-12.04-64-bit-Installation

Can I follow your steps to finish the SSL installation ? Or I need to do more configuration ?

Please advise.

Thank you,

Sven Marnach於 2015年10月28日星期三 UTC+8下午6時16分19秒寫道：

[Sven Marnach]

If you want to modify the already deployed instance, you can ssh to it
and rerun the playbook with a modified configuration:

cd /var/tmp/configuration/playbooks
sudo ansible-playbook -c local ./edx_sandbox.yml -i "localhost," \
-e NGINX_ENABLE_SSL=True \
-e NGINX_SSL_CERTIFICATE=<path> \
-e NGINX_SSL_KEY=<path>

You need to copy the SSL certificate and key to a local path first,
and provide the correct paths in place of <path> placeholder.

Cheers,
--
Sven
@OpenCraft

> https://groups.google.com/d/msgid/openedx-ops/54d278b0-2945-4184-88f6-8e0cb2de4208%40googlegroups.com.

[Realm]

Hi,

I followed your steps to run playbooks, but it still returned "connection refuse" error when I accessed it with https

Meanwhile, using playbooks to configure SSL  would reset all my customized settings. Do you have other method to directly install SSL cert to edx ?

regards,

Realm於 2015年10月28日星期三 UTC+8下午2時38分01秒寫道：

[Ryan Wong]

Hi,

I got a similar issue. Please see https://groups.google.com/forum/#!topic/openedx-ops/Efr-9OgBK1c

Are you able to resolve it after all? Thanks.

Regards,

Ryan

[Realm]

Hi,

I fixed it by modify /etc/nginx/sites-enabled/lms file.

Ryan Wong於 2015年11月16日星期一 UTC+8上午10時53分36秒寫道：

[Ryan Wong]

Thanks for your reply. I modified exactly the same file following the instructions on https://github.com/CDOT-EDX/ProductionStackDocs/wiki/Configuring-SSL-for-NGINX.

It works for CMS but not for LMS.

I added the following but it seems 443 port of LMS is not accessible and still binds on 80 port. Have you configured any other files? Thanks.

server {
          listen 80;
          return 301 https://$host$request_uri;
      }

server {

        listen 443 ssl;
        ssl_certificate /etc/nginx/ssl/online-dev-cdot.crt;
        ssl_certificate_key /etc/nginx/ssl/online-dev-cdot-insecure.key;
........................
}

[Ryan Wong]

Thanks Realm. I know how to solve it now.

[edx...@gmail.com]

Hello Ryan, would you please post your solution here?