Discussion:
[Ntop] SSL Public trusted certificate
Jérôme BERTHIER
2014-11-18 16:40:52 UTC
Permalink
Hi,

I would like to use a public trusted certificate for SSL WebUI connection.
I already own a certificate signed by our public authority.

I tried to concatenate the private key and the certificate in file
/usr/share/ntopng/httpdocs/ssl/ntopng-cert.pem.
When I relaunch the ntopng daemon, it just crashed with this log :
[HTTPserver.cpp:410] ERROR: Unable to start HTTP server (IPv4) on port 3000

On older ntop version, it worked. Is there a way to do it with ntopng ?

Regards,
--
Jérôme
Jérôme BERTHIER
2014-11-18 17:29:29 UTC
Permalink
Post by Jérôme BERTHIER
Hi,
I would like to use a public trusted certificate for SSL WebUI
connection.
I already own a certificate signed by our public authority.
I tried to concatenate the private key and the certificate in file
/usr/share/ntopng/httpdocs/ssl/ntopng-cert.pem.
[HTTPserver.cpp:410] ERROR: Unable to start HTTP server (IPv4) on port 3000
On older ntop version, it worked. Is there a way to do it with ntopng ?
Regards,
For CentOS 7, it seems that this documentation is not correct :
https://svn.ntop.org/svn/ntop/trunk/ntopng/README.SSL

In order to find libssl.so, you need to install the package openssl-devel.

The symbolic link should point as follow : ln -s /usr/lib64/libssl.so .

To use a public certificate, you have to concatenate the private key,
the server certificate and the CA chain certificate in file
/usr/share/ntopng/httpdocs/ssl/ntopng-cert.pem :
cat privkey.pem cert.pem CA-cert.pem >
/usr/share/ntopng/httpdocs/ssl/ntopng-cert.pem

Now, it works. Problem solved.

Regards,
--
Jérôme
Loading...