We moved this page to our Documentation Portal. You can find the latest updates here. |
Question
How can I force users to use SSL to secure their http access?
Environment
OnApp 5.x
Answer
Edit the file /etc/httpd/conf.d/onapp.conf
within the VirtualHost 80 section, add a redirect directive to your domain as https. For example:
Redirect permanent / https://cloud.test.com/
After this, restart httpd:
service httpd restart
The change will then be applied. This change will make http requests be redirected to https. Users may not notice, but their connections will be secured.
Additional Info
You will want to configure a custom SSL for your Control Panel, since the default certificate is self-signed and shows a warning in most browsers: https://docs.onapp.com/agm/latest/ssl-certificates
The onapp.conf file can be overwritten on upgrade/patch installation. So it is a good idea to keep a backup of this file after making customizations, like the one described in this article.
HTTPS redirection can be implemented in a few different ways in Apache: https://www.sslshopper.com/apache-redirect-http-to-https.html