Access Keys:
Skip to content (Access Key - 0)


Appendix D. Running REM over HTTPS

Print this page

HTTPS for added security

By default REM runs over HTTP in the bundled Jetty web server. If additional security is required, there are a couple ways in which REM can be run over HTTPS.

Changing Jetty to Use HTTPS

An example configuration for HTTPS is provided in recent versions of REM. To enable this, open the jetty.xml file and uncomment/add the following section:

<Call name="addConnector">
    <Arg>
        <New class="org.mortbay.jetty.security.SslSocketConnector">
            <Set name="Port">8443</Set>
            <Set name="maxIdleTime">30000</Set>
            <Set name="handshakeTimeout">2000</Set>
            <Set name="keystore"><SystemProperty name="jetty.home" default="." />/https-transport.keystore</Set>
            <Set name="password">changeit</Set>
            <Set name="keyPassword">changeit</Set>
            <Set name="truststore"><SystemProperty name="jetty.home" default="." />/https-transport.keystore</Set>
            <Set name="trustPassword">changeit</Set>
        </New>
    </Arg>
</Call>

You will also need to provide or create a proper web keystore (shown in the example as being saved as https-transport.keystore directly inside the main rhino-element-manager directory).

For more detailed instructions on creating a keystore and configuring HTTPS in Jetty, see the Jetty developers' How to configure SSL page.

Running REM behind Apache

If you have an existing Apache installation that is already configured to use HTTPS, then you may wish to serve REM through that.

The setup can be a bit complicated on the Apache side and a couple different options are available.

For detailed instructions:
Adaptavist Theme Builder Powered by Atlassian Confluence