Setting the console to use HTTPS

In this quick tutorial, we explain how to do to make your console use HTTPS (secure SSL connections) instead of plain HTTP.

Generating a private key

  • Open the console.
  • Select SSL/TLS Certificates.
  • Press Add in the Private Keys table.
  • Enter a name of your choice for the new key you'll generate. For example, enter console_key in Name.
  • Set Action to Generate.
  • Set Type to RSA 2048 bit to have the best level of security.
  • Press OK.

Abyss Web Server will spend a few seconds to compute the new key. If your computer is slow or overloaded, generating a key could need up to a minute.

Generating a self-signed certificate

  • Press Add in the Certificates table.
  • Enter a name of your choice for the new certificate which will be generated. For example, enter console_cert in Name.
  • Set Private Key to the key you have just generated.
  • Set Type to Self-Signed certificate.
  • Enter * in Host Name (Common Name). * means that the certificate will be matched with any host name.
  • Fill the other fields with your information: These will be included in the self-signed certificate. Note that the 2-letter code of the United Kingdom is GB. For a detailed list of country codes, please refer to the official ISO 3166-1-alpha-2 codes listing.
  • Press OK.
  • Press OK one more time to leave the SSL/TLS Certificates dialog.

Updating the console parameters

  • Select Console Configuration.
  • Select Parameters.
  • Set Protocol to HTTPS.
  • Select the certificate you've just generated in Certificate.
  • Press OK.
  • Press Restart.

You will be automatically redirected to the new console URL with starts with https:// instead of http://.

The browser may display a warning dialog where it asks you to confirm that you really want to access that URL which has a certificate signed by an unknown authority (which is you in that case).

Confirm that you still want to access the site and you will see the usual console page. But starting from now, all the connections taking place between the server console and the browser are encrypted for maximum security.

See also