Manual HTTPS Configuration with SSL

HTTPS with SSL options is configured within the installation steps. If you are having issues with HTTPS configuration or you want to change its settings, you can use this article as a troubleshooting guide.

HTTPS configuration preconditions

The application uses NGINX proxy to deliver HTTP requests from the browsers to the backend services. This proxy is responsible for SSL termination too.

To configure HTTPS, you need SSL certificates for Timeline. You can choose one of the following options:

  1. Use SSL certificate issued by the Certification Authority (CA).
    This is the recommended approach for the application installation that is intended for a production environment. The connection to the server will be secure and users will not get any warnings from the browser.
  2. Use a self-signed SSL certificate.
    If you do not have a signed certificate or if you only require a certificate for testing purposes, use a self-signed SSL certificate. However, in this case users will get warnings from the web browser about the use of a self-signed certificate as the server will not be considered secure.
    Note. For self-signed HTTPS certificates, the root certificate is required.

Important. If you install the program in a production environment, it is strongly recommended to use HTTPS and highly discouraged HTTP.

Procedure

  1. Obtain an SSL certificate and a private key.
  2. Run the Timeline installation and follow the Installation Wizard. To enable SSL between application and client specify HTTPS port and Base URL for HTTPS port in the Web Server step.
    For more information, see Installing Timeline.
  3. After the Timeline installation process is complete, do the following:
    1. Find the ssl.conf.tpl and ssl.conf files in the $TIMELINE_INSTALLATION_DIR/nginx folder and rename the ssl.conf.tpl file to ssl.conf. Alternatively, merge the ssl.conf.tpl file with ssl.conf, if you made any changes in the ssl.conf file for the previous Timeline version.
      Note. These files are copied to the $TIMELINE_INSTALLATION_DIR/nginx folder during the upgrade process. The folder is specified in the NGINX_CONF variable in .env. The ssl.conf.tpl file stores the latest SSL configuration settings.
    2. Copy your SSL certificate and private key files to the $TIMELINE_INSTALLATION_DIR/nginx folder.
      1. If your private key and certificate files are not named cert.key and cert.pem, respectively, you should change the ssl_certificate and ssl_certificate_key entries in ssl.conf accordingly.
      2. If you have a password file for the SSL key, uncomment the line #ssl_password_file $TIMELINE_INSTALLATION_DIR/nginx/conf/pass.file; in ssl.conf, and copy your pass.file to the $TIMELINE_INSTALLATION_DIR/nginx folder. If necessary, change the path to the folder you specified during the installation process.
      3. If intermediate certificates should be specified in addition to a primary certificate, they should be specified in the same cert.pem file in the following order: the primary certificate comes first, then the intermediate certificates.
    3. Open .env file and check the following environment variables:
      1. PROXY_SSL_PORT
        Make sure the HTTPS port you want to use is specified in the PROXY_SSL_PORT variable.
        Example: PROXY_SSL_PORT=443
      2. BASE_URL
        Make sure the HTTPS protocol is specified in the BASE_URL variable.
        Example: BASE_URL=https://mytimeline.com
  4. Restart the Timeline application to apply all the changes:
    systemctl restart timeline
  5. Perform a health check.

05.09.2024 16:23:54

Usage of Cookies. In order to optimize the website functionality and improve your online experience ABBYY uses cookies. You agree to the usage of cookies when you continue using this site. Further details can be found in our Privacy Notice.