HTTPS for added security
By default REM runs over HTTP in the bundled Jetty web server. If additional security is required, there are a couple ways in which REM can be run over HTTPS.
Changing Jetty to Use HTTPS
An example configuration for HTTPS is provided in recent versions of REM. To enable this, open the jetty.xml file and uncomment/add the following section:
<Set name="keystore"><SystemProperty name="jetty.home" default="." />/https-transport.keystore</Set>
<Set name="truststore"><SystemProperty name="jetty.home" default="." />/https-transport.keystore</Set>
You will also need to provide or create a proper web keystore (shown in the example as being saved as https-transport.keystore directly inside the main rhino-element-manager directory).
For more detailed instructions on creating a keystore and configuring HTTPS in Jetty, see the Jetty developers' How to configure SSL
Running REM behind Apache
If you have an existing Apache installation that is already configured to use HTTPS, then you may wish to serve REM through that.
The setup can be a bit complicated on the Apache side and a couple different options are available.
For detailed instructions: