Enabling HTTPS on the FireBrick

From AAISP Support Site
Revision as of 14:06, 23 November 2018 by AA-Andrew (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

It is now possible to use HTTPS to access the Web UI on the FireBrick. The FireBrick can also use ACME to generate SSL certificates to be used for IPSec and HTTPS.

The certificates can be generated by the Let's Encrypt service automagically once the ACME settings have been filled in. Alternatively, the FireBrick can also try negotiate HTTPS using it's own self-signed certificate which is usually generated automatically.

Setting up ACME

  • Under Config > Edit > Setup > System Settings
    • Fill in:
      • acme-hostname (The FQDN, DNS hostname, of the FireBrick)
      • acme-terms-agreed-email (your email address)

Optionally set:

  • Under Config > Edit > Setup > General system services > Web server settings
    • mode (eg, redirect-to-https-if-acme

Once filled in, and providing the hostname points to the FireBrick, you should be able to access the Web UI via HTTPS using this hostname.

This process might not always be immediate. If it does not work immediately, allow some time for things to propagate.

Video: https://www.youtube.com/embed/747vD5DGnt8

Using a self-signed certificate

Under Config > Edit > Setup > General System Services > Web Server Settings > Click Show All underneath the immediate set of boxes

Https ss.png

Tick 'mode' and set to 'redirect-to-https' and ensure that 'https-port' is set to 443. Also ensure that 'self-sign' is set to true.