[RPKI] https on routinator
Jon Schwendemann
schwende at cord.edu
Wed Mar 19 18:59:04 UTC 2025
Well, I tried to convert my certs to pem, and routinator wasn't a fan. Maybe I missed it, but what are the steps to use apache as the interface?
Thanks!
-----Original Message-----
From: Martin Hoffmann <martin at nlnetlabs.nl>
Sent: Tuesday, March 18, 2025 9:29 AM
To: Jon Schwendemann via RPKI <rpki at lists.nlnetlabs.nl>
Cc: Jon Schwendemann <schwende at cord.edu>
Subject: Re: [RPKI] https on routinator
Hi Jon,
if you want to use the UI, you need a properly issued certificate that your browsers will accept. Usually, that means Let’s Encrypt these days, which Routinator does not support. That is why we suggest to place Nginx or Apache in front of it that can then be set up to do all these things.
If, however, you happen to have a proper certificate, and assuming you have the private key in "/etc/routinator/http-tls.key" and the certificate (including all the intermediary certificates you need) in "/etc/routinator/http-cert-chain.pem", the config file should contain
this:
http-tls-listen = ["0.0.0.0:8443"]
http-tls-key = "/etc/routinator/http-tls.key"
http-tls-cert = "/etc/routinator/http-cert-chain.pem"
This will cause Routinator to listen for HTTPS requests on port 8443.
HTH and cheers,
Martin
Jon Schwendemann via RPKI wrote:
> I have what is probably a simple question, but I haven't figured it
> out from the docs. I have rhel 8.10 with routinator. I just need a
> quick explanation of how to force https on the webui. I am not using
> apache or nginx. Thanks!
>
> Jon Schwendemann
> Redhat Administrator
> Concordia College
> 218-299-4716 schwende at cord.edu
>
More information about the RPKI
mailing list