From martin at nlnetlabs.nl  Tue Mar  4 16:11:46 2025
From: martin at nlnetlabs.nl (Martin Hoffmann)
Date: Tue, 4 Mar 2025 17:11:46 +0100
Subject: [RPKI] =?utf-8?q?Routinator_0=2E14=2E2_=E2=80=98Roll_Initiative!?=
 =?utf-8?q?=E2=80=99__released?=
Message-ID: <20250304171146.408390b5@glaurung.nlnetlabs.nl>

Hello!

We just released Routinator 0.14.2 ?Roll Initiative!?

This release updates the bundled Routinator UI package to version 0.4.5
which fixes an issue that caused the UI to fetch its data from NLnet
Lab?s test installation rather than the actual Routinator instance it
belongs to.

If you are using the bundled Routinator UI via the web interface, we
suggest to upgrade to this version to access your own validated data.


On behalf of the NLnet Labs Routing Team,
Martin

From schwende at cord.edu  Fri Mar 14 16:48:56 2025
From: schwende at cord.edu (Jon Schwendemann)
Date: Fri, 14 Mar 2025 16:48:56 +0000
Subject: [RPKI] https on routinator
Message-ID: <MW5PR16MB5053A49F38AC974F1FC5AC2EBFD22@MW5PR16MB5053.namprd16.prod.outlook.com>

I have what is probably a simple question, but I haven't figured it out from the docs.
I have rhel 8.10 with routinator. I just need a quick explanation of how to force https on the webui.
I am not using apache or nginx.
Thanks!

Jon Schwendemann
Redhat Administrator
Concordia College
218-299-4716 schwende at cord.edu

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/rpki/attachments/20250314/b8a88d54/attachment.htm>

From martin at nlnetlabs.nl  Tue Mar 18 14:29:22 2025
From: martin at nlnetlabs.nl (Martin Hoffmann)
Date: Tue, 18 Mar 2025 15:29:22 +0100
Subject: [RPKI] https on routinator
In-Reply-To: <MW5PR16MB5053A49F38AC974F1FC5AC2EBFD22@MW5PR16MB5053.namprd16.prod.outlook.com>
References: <MW5PR16MB5053A49F38AC974F1FC5AC2EBFD22@MW5PR16MB5053.namprd16.prod.outlook.com>
Message-ID: <20250318152922.342ef858@glaurung.nlnetlabs.nl>

Hi Jon,

if you want to use the UI, you need a properly issued certificate that
your browsers will accept. Usually, that means Let?s Encrypt these
days, which Routinator does not support. That is why we suggest to
place Nginx or Apache in front of it that can then be set up to do all
these things.

If, however, you happen to have a proper certificate, and assuming you
have the private key in "/etc/routinator/http-tls.key" and the
certificate (including all the intermediary certificates you need) in
"/etc/routinator/http-cert-chain.pem", the config file should contain
this:

http-tls-listen = ["0.0.0.0:8443"]
http-tls-key = "/etc/routinator/http-tls.key"
http-tls-cert = "/etc/routinator/http-cert-chain.pem"

This will cause Routinator to listen for HTTPS requests on port 8443.

HTH and cheers,
Martin

Jon Schwendemann via RPKI wrote:
> I have what is probably a simple question, but I haven't figured it
> out from the docs. I have rhel 8.10 with routinator. I just need a
> quick explanation of how to force https on the webui. I am not using
> apache or nginx. Thanks!
> 
> Jon Schwendemann
> Redhat Administrator
> Concordia College
> 218-299-4716 schwende at cord.edu
>