musvaage
·
2022-12-15
HTTPS.md
1SSL with eris
2=============
3
4Eris does not care what transport is in use: that job is left to the invoking
5program (e.g. tcpserver).
6
7In the past you could use `sslio` with `tcpsvd`,
8but `sslio` has not been updated in a long time,
9and won't work with (at least) Chrome 39.
10
11I recommend using stunnel,
12which also works with IPv6.
13You can invoke it like so:
14
15 #! /bin/sh
16 cd /srv/www
17 HTTPS=enabled; export HTTPS
18
19 exec stunnel -fd 3 3<<EOD
20 foreground = yes
21 setuid = http
22 setgid = http
23 debug = 4
24
25 [https]
26 accept = ::443
27 cert = /path/to/yourserver.crt
28 key = /path/to/yourserver.key
29 exec = /path/to/eris
30 execargs = eris -c
31 EOD
32
33I set the `HTTPS` environment variable,
34so CGI can tell whether or not its connection is secure.