To run vREST Enterprise server on SSL, please follow the steps below:
- Acquire the private key and certificate file from trusted certificate authority
- For testing purposes, you may generate self signed certificate via openssl. For self signed certificates, browsers will show a warning to end users.
You may execute the following command to generate the self signed certificate using openssl:
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
- So, for production purposes, it is recommended to acquire the private key and certificate file from trusted certificate authority.
- As of now, vREST do not support passphrase for private keys.
- And private key and certificate file must reside in the same directory where config.json file exists.
- Enable startOnHTTPS flag in config.json file
- Set true for startOnHTTPS option in config.json file.
- Set the appropriate port in config.json file
- Default port for HTTPS is 443, so you may set the port number to 443 in config.json file.
- If you are using the well-known port (0 - 1023), then you must execute the vREST Enterprise binary with administrative privileges. Otherwise the server will not start and will result in exception, bind EACCESS.
- Otherwise you may set any port number of your choice.