Configuring SSL Certificates in Posit Connect

This section describes how to configure SSL certificates in Posit Connect.

You can configure SSL/TLS certificates by editing the configuration file to point to the relevant private key and certificate files and restarting Connect.

To configure SSL certificates, add the following lines to the Connect configuration file:

File: /etc/rstudio-connect/rstudio-connect.gcfg

[HTTPS]
Listen = :443
Certificate = <PATH-TO-CERTIFICATE-FILE>
Key = <PATH-TO-KEY-FILE>

Then restart Connect by running the following command:

Terminal

$ sudo systemctl restart rstudio-connect

Warning

Posit Connect does not allow certificate private keys to have a passphrase. If one exists, remove the passphrase by using the following example:

Terminal

$ openssl rsa -in [original.key] -out [new.key]

Configuring HTTP to HTTPS redirects

To redirect all HTTP traffic to the secure HTTPS endpoint, add the following lines to the Connect configuration file:

File: /etc/rstudio-connect/rstudio-connect.gcfg

[Server]
Address = https://<SERVER-ADDRESS>

[HTTPS]
Listen = :443
Permanent = true
Certificate = <PATH-TO-CERTIFICATE-FILE>
Key = <PATH-TO-KEY-FILE>

[HTTPRedirect]
Listen = :80

Note

For HTTP to HTTPS redirects to work properly, ensure that you remove the HTTP.Listen option from the configuration file if you have defined it.

Then restart Connect by running the following command:

Terminal

$ sudo systemctl restart rstudio-connect

Additional documentation

For more information on SSL certificates and other related settings, refer to the HTTPS settings in the Configuration Appendix of the Connect Administration Guide.