DEV Community

Reprise Software
Reprise Software

Posted on

Using SSL Certificates (HTTPS) with RLM

License administrators are now able to run the RLM web server with SSL certificates, allowing for increased protection though third party identification via web server.

To implement SSL certificates you can instruct RLM to use HTTPS during startup with the command parameters -sslcert and -sslpriv. But note that certificate files cannot be used if password protected.

Example code: rlm ‑sslcert /path/to/cert.pem ‑sslpriv /path/to/privkey.pem 

How do I create an SSL Certificate?
There are many ways that you can procure SSL certificates, here are 3 options:

  • Purchase it from a certificate provider. These types of certificates are trusted more by OS and browsers.
  • Free Services like Let’s Encrypt will provide SSL certificates.
  • Create and generate your own. But be warned these self-signed certificates are not trusted by OS or browsers and will display warning messages.

Can’t connect to Web Server after implementing SSL Certificates?
Make sure your connecting your RLM server via HTTP. Your URLs should look like:

-https://hostname:[port-number]
-https://ip-address:[port-number]

Got more questions? Check out our article that guides you through the process: Using SSL Certificates (HTTPS) with RLM

Top comments (1)

Collapse
 
hayrullahkar profile image
Hayrullah Kar

Handy guide. The gotcha nobody hits till day 90: Let's Encrypt certs rotate every 3 months, so if rlm can't hot-reload you need a hook to bounce it or HTTPS quietly dies. No-password rule also means stripping the passphrase via openssl rsa first.