Jump to content
KAZOOcon: hackathon signup and details here! ×

Godaddy EV SSL Certificates With DigitalOcean CentOS Server Setup


conn

Recommended Posts

  • 2600Hz Employees

There's a page from a while ago: https://docs.2600hz.com/dev/applications/crossbar/doc/securing_crossbar/

It shows setting up a self-signed certificate but you can just skip to where the guide configures Crossbar. Should work as expected once you restart Crossbar.

Another option is to use HAProxy or similar in front of Crossbar to handle SSL termination.

Link to comment
Share on other sites

On 9/4/2018 at 9:50 AM, mc_ said:

There's a page from a while ago: https://docs.2600hz.com/dev/applications/crossbar/doc/securing_crossbar/

It shows setting up a self-signed certificate but you can just skip to where the guide configures Crossbar. Should work as expected once you restart Crossbar.

Another option is to use HAProxy or similar in front of Crossbar to handle SSL termination.

Does that mean I cannot use something like Godaddy's Godaddy EV SSL Certificates?

Link to comment
Share on other sites

  • 2600Hz Employees

You just need to get the cert in the right location. Honestly HAProxy fronting it is probably a better solution anyway, since you can load balance among servers running Crossbar, stay up-to-date on the encryption/cipher suites better, etc.

Link to comment
Share on other sites

37 minutes ago, mc_ said:

You just need to get the cert in the right location. Honestly HAProxy fronting it is probably a better solution anyway, since you can load balance among servers running Crossbar, stay up-to-date on the encryption/cipher suites better, etc.

Interesting. So, do you guys have any tutorials for the HAProxy option? Or is this just something I have to "go google"?

Link to comment
Share on other sites

  • 2600Hz Employees

Yeah, its a pretty straightforward setup of pointing DNS to your HAProxy instead of Crossbar, configuring it with the SSL certs, and setting up the backends with your Crossbar instances. Any HAProxy guide should do the trick.

Link to comment
Share on other sites

7 hours ago, mc_ said:

Yeah, its a pretty straightforward setup of pointing DNS to your HAProxy instead of Crossbar, configuring it with the SSL certs, and setting up the backends with your Crossbar instances. Any HAProxy guide should do the trick.

Got it. Thanks a ton!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...