Configuring SSL Certificates in Posit Connect
This section describes how to configure SSL certificates in Posit Connect.
You can configure SSL/TLS certificates by editing the configuration file to point to the relevant private key and certificate files and restarting Connect.
To configure SSL certificates, add the following lines to the Connect configuration file:
File: etc/rstudio-connect/rstudio-connect.gcfg
[HTTPS]
Listen = :443
Certificate = <PATH-TO-CERTIFICATE-FILE>
Key = <PATH-TO-KEY-FILE>
Then restart Connect by running the following command:
Terminal
$ sudo systemctl restart rstudio-connect
Posit Connect does not allow certificate private keys to have a passphrase. If one exists, remove the passphrase by using the following example:
Terminal
$ openssl rsa -in [original.key] -out [new.key]
Configuring HTTP to HTTPS redirects
To redirect all HTTP traffic to the secure HTTPS endpoint, add the following lines to the Connect configuration file:
File: /etc/rstudio-connect/rstudio-connect.gcfg
[Server]
Address = https://<SERVER-ADDRESS>
[HTTPS]
Listen = :443
Permanent = true
Certificate = <PATH-TO-CERTIFICATE-FILE>
Key = <PATH-TO-KEY-FILE>
[HTTPRedirect]
Listen = :80
For HTTP to HTTPS redirects to work properly, ensure that you remove the HTTP.Listen
option from the configuration file if you have defined it.
Then restart Connect by running the following command:
Terminal
$ sudo systemctl restart rstudio-connect
Additional documentation
For more information on SSL certificates and other related settings, refer to the HTTPS settings in the Configuration Appendix of the Connect Administration Guide.