Running vREST Enterprise on SSL

To run vREST Enterprise server on SSL, please follow the steps below:

  1. Acquire the private key and certificate file from trusted certificate authority
    1. For testing purposes, you may generate self signed certificate via openssl. For self signed certificates, browsers will show a warning to end users.
      1. You may execute the following command to generate the self signed certificate using openssl:

        openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
    2. So, for production purposes, it is recommended to acquire the private key and certificate file from trusted certificate authority.
    3. Note: 
      1. As of now, vREST do not support passphrase for private keys.
      2. And private key and certificate file must reside in the same directory where config.json file exists.
  2. Enable startOnHTTPS flag in config.json file
    1. Set true for startOnHTTPS option in config.json file.
  3. Set the appropriate port in config.json file
    1. Default port for HTTPS is 443, so you may set the port number to 443 in config.json file.
    2. If you are using the well-known port (0 - 1023), then you must execute the vREST Enterprise binary with administrative privileges. Otherwise the server will not start and will result in exception, bind EACCESS.
    3. Otherwise you may set any port number of your choice.

That's it.