It is possible to put a SSL encryption in front of YaCy to get the YaCy interface accessible using https. This can easily be done using stunnel and openssl.
As user root, call:
apt-get install openssl stunnel
Then create a ssl certificate:
cd ~
openssl req -new -x509 -keyout stunnel-key-pw.pem -out stunnel-cert.pem -days 3650
And get rid of the passphrase with
openssl rsa -in stunnel-key-pw.pem -out stunnel-key.pem
As user root, copy the key and certificate file to /etc/stunnel/
mv stunnel-key.pem stunnel-cert.pem /etc/stunnel/
chmod 600 /etc/stunnel/*.pem
To configure stunnel, create the file /etc/stunnel/stunnel.conf
with the
following content:
chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
pid = /stunnel4.pid
cert = /etc/stunnel/stunnel-cert.pem
key = /etc/stunnel/stunnel-key.pem
output = stunnel.log
[https]
accept = 443
connect = 8090
To activate this service, edit the file /etc/default/stunnel4
and change
the value of ENABLED
to 1
. Finally restart stunnel:
/etc/init.d/stunnel4 restart
Now the YaCy search page can be opened at https://localhost
Converted from http://wiki.yacy.de/index.php?title=En:YaCyOverHTTPS, may be outdated