Skip to content

udacity/ssl_setup

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README.md
README.md
 
 
nginx.conf
nginx.conf
 
 
openssl.cnf
openssl.cnf
 
 

Repository files navigation

Develop Coco-web over SSL

With the addition of student workspaces, any coco-web page using this service will not render unless it is served over SSL. Therefore there is a bit more work required to setup the dev environment.

set up nginx to read a local cert for https://dev.udacity.com

brew install nginx
      # OSX ships with outdated version of nginx
cp ./nginx.conf /usr/local/etc/nginx/
      # copy the given nginx.conf with server set up in 3 location blocks to match 3 services used: classroom-content (backend), coco-web, classroom-web
mkdir ssl
openssl dhparam -out /usr/local/etc/nginx/ssl/dhparam.pem 2048
openssl req -x509 -extensions v3_req -nodes -days 3650 -newkey rsa:2048 -keyout nginx.key -out nginx.crt -subj "/C=US/ST=CA/L=San Fransisco/O=Udacity/OU=Workspaces/CN=udacity.com" -config "./openssl.cnf"
      # creating a new cert the host name is set to: *.udacity.com
      # after creating the cert, browse to https://dev.udacity.com and get served an untrusted cert from nginx
      # from the danger page select advanced view cert, drag to desktop, open in keychain, save as system cert
      # set trust level on cert to system wide. reload browser and it should be trusted and green.
openssl x509 -text -noout -in ./nginx.crt
      # verify cert is valid and check SubjectAltNames came out ok
mv nginx.crt ssl/
mv nginx.key ssl/
cd ssl
chmod 400 *
sudo nginx
cd /usr/local/var/log/nginx
cat *
cat /etc/hosts
   # verify you are redirecting for every server block in nginx.conf
   # 127.0.0.1  cc.udacity.com 		      # classroom-content
   # 127.0.0.1  dev.udacity.com       	# web-terminal
   # 127.0.0.1  web.udacity.com 	      # classroom-web
sudo nginx -s reload
    # to apply changes to nginx.conf, such as adding new location blocks
    # added reference to include mime.types to fix this note in dev tools
    # Resource interpreted as Stylesheet but transferred with MIME type text/html

Also you will need to change the webpack.config in ureact-app

depending on your needs: for all three services developed locally you will need to change the dev config.

More often if you are developing in ENV=staging, then you can more easily just prevent the webpack.config from overriding the cdn property...

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

10 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages