Support HTTPS #5

Open
peterbraden opened this Issue Apr 29, 2011 · 3 comments

Comments

Projects
None yet
3 participants
@peterbraden
Contributor

peterbraden commented Apr 29, 2011

Creating a tracking ticket so I can keep all the research and planning related to this in one place.

Jellyfish currently doesn't support HTTPS, and a good stopgap until we get it working is to just let https traffic pass through. At the moment we seem to be closing https requests with an empty response (Chrome: Error 324 (net::ERR_EMPTY_RESPONSE))

To support HTTPS we need to address:
- Certs. Jellyfish is essentially a man in the middle attack, so we need to self sign each host the proxy deals with and have a mechanism for the browser to accept the cert.

- Adding the https server port to each browser setup vars.
@brianstarke

This comment has been minimized.

Show comment Hide comment
@brianstarke

brianstarke Jan 23, 2012

+1

+1

@MarcWeber

This comment has been minimized.

Show comment Hide comment
@MarcWeber

MarcWeber Nov 5, 2012

This issue is a big one - which is why I think it should even be mentioned in the README till HTTPS is supported.
Its the only reason why I'm not even looking at this library at the moment.

This issue is a big one - which is why I think it should even be mentioned in the README till HTTPS is supported.
Its the only reason why I'm not even looking at this library at the moment.

@MarcWeber

This comment has been minimized.

Show comment Hide comment
@MarcWeber

MarcWeber Nov 5, 2012

Well - you can still run everything behind a apache/nginx proxy, right? So you can still secure your web application easily..

Well - you can still run everything behind a apache/nginx proxy, right? So you can still secure your web application easily..

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment