You have been redirected from an outdated version of the article. Below is the content available on this topic. To view the old article click here.

SSL Configuration#

For SSL to work you need to adjust some parameters in structr.conf.

application.https.enabled = true
application.https.port = 443
application.keystore.path = [filename of keystore file - should reside in structr-ui folder]
application.keystore.password = [keystore password]

Note: See this tutorial on how to create a keystore file.

Additional configuration

A forced redirect from http to https can be achieved by setting the structr.conf setting HttpService.force.https to true.

Tutorial for letsencrypt

  1. Install certbot for your distribution
    • Select “None of the above” as “Software”
    • Select your distribution for “System”
    • follow the instructions under “Install”
  2. Stop Structr because certbot needs to bind to Port 80
    service structr stop
  3. Run certbot (replace <your-domain> with your domain) and provide the necessary information: email address, agree to TOS and allow sharing of email address.
    certbot certonly --standalone -w ./ -d <your-domain>
  4. Change into the directory where certbot stored your certificate
    cd /etc/letsencrypt/live/<your-domain>/
  5. Convert the certificate to a compatible keystore. You will be asked to create a password - be sure to write it down, you will need it later!
    openssl pkcs12 -export -out keystore.pkcs12 -in fullchain.pem -inkey privkey.pem
  6. Move the keystore to the structr directory
    mv keystore.pkcs12 /usr/lib/structr/
  7. Change to the structr directory
    cd /usr/lib/structr/
  8. Edit structr.conf accordingly 
    application.https.enabled = true
application.keystore.path = keystore.pkcs12
application.keystore.password = <your-password>
  9. Start structr
    service structr start

Search results for "SSL Configuration"

Interfaces

application.host The listen address of the Structr HTTP server. If you set the listen address to 127.0.0.1, Structr will only be accessible for applications that run on the local host. This value essentially binds the HTTP server to the local loopback interface. The other option is 0.0.0.0 which makes Structr accessible from all networks.
application.http.port The HTTP port that Structr listens on. If you want to be able to access Structr under a simple http:// URL, you need to set this value to 80.
application.https.port The HTTPS port that Structr listens on. If you want to be able to access Structr under a simple https:// URL, you need to set this value to 443.
application.ssh.port The port that the SSHService listens on.
application.ftp.port The port that the FTPService listens on.
application.https.enabled If enabled, the internal HTTP server will be configured to allow HTTPS connections to the application.https.port.
application.keystore.path The path to a JKS keystore file that contains the certificate chain and private key for the SSL configuration needed for HTTPS. The keystore must be in PCK12 format.
application.keystore.password The password for the JKS keystore used in application.keystore.path.
application.baseurl.override Overrides baseUrl value that is originally assembled dynamically from the protocol, hostname and port of the server instance Structr is running on.