Back

Implementing self-signed certificate (aka bad-https)

This is needed in order for webcams to be accessible by Andes in browsers.

1. Enable apache’s ssl config:

   sudo a2enmod ssl
   sudo systemctl restart apache2
   

2. Create the cert and key. In the prompts, Common name must be the ip/hostname of the server:

   sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/andes-selfsigned.key -out /etc/ssl/certs/andes-selfsigned.crt
   

3. Fix permissions on the certificates:

   sudo chown www-data:www-data /etc/ssl/private/andes-selfsigned.key
   sudo chown www-data:www-data /etc/ssl/certs/andes-selfsigned.crt
   

4. Update the apache .conf file to use ssl, see example self-signed apache config
5. Restart Apache and verify that http and https work.