Enabling HTTPS on UI

[ManishYadav-SAP]

Hi @marcorosa / @SlimTrabelsi ,

Based on the instructions mentioned here - in order to enable HTTPS on UI we need to copy the signed certificate and a private key in the file path of wsgi.py but it is not working.

Can you please look into this?

[marcorosa]

Hello @ManishYadav-SAP thanks for opening this issue.

The current HTTPS setting works when running docker containers, but it doesn't work when running directly the web server from terminal.
I test the code and take some note in this issue not to lose track.

[marcorosa]

Notes on the issue:

1. the .env must list certificate and private key with a path relative to wsgi.py for running in the docker container (because the Dockerfile copies the content of ui into /credential-digger-ui so these files would be lost), whereas these paths must be relative to the project root when running from the terminal.
2. when running from the terminal, we run directly ui/server.py, whereas the Dockerfile works with entry point run.sh, that runs wsgi:app using gunicorn (both in case of https enabled or not)

Ideas on possible fix:

• the certificate and private key, if set, have to be copied from dockerfile (and not dropped directly with COPY . /credential-digger-ui)
• if running with docker, then we can't use local (absolute or relative) paths because the certificates have to be copied in the container. Then, we need to override the env variables.
• wsgi.py and server.py should be unified (only server.py should stay), if possible. Keeping both of them is confusing and hard to maintain (indeed, we lost track of this after 1 or 2 years)
• if we only keep server.py, then we need to define a ssl_context and pass it to app.run or the app configs

Once we decide how to fix this issue, we need to update the instructions in the wiki accordingly.