misp icon indicating copy to clipboard operation
misp copied to clipboard

SSL / Nginx help

Open norrig opened this issue 2 years ago • 1 comments

Hey, thanks for creating this repo, works great.

I'm trying to setup HTTPS/SSL as you've mentioned in your readme: "deploy reverse proxy (for example nginx) before MISP to handle HTTPS connections."

But I'm unaware how, and could use a bit of guidance. I've tried adding an nginx service to my docker-compose file, and i get served the nginx welcome page succesfully.

What do i do from here? I've got my .pem and cert files, but I'm not sure where to put them, nor how I point nginx to the misp service in my compose file. Do i need an nginx config file?

Is there a guide or hint or a best-practice you can point me towards?

Thanks in advance,

norrig avatar Nov 03 '22 13:11 norrig

I figured it out, using the underlying apache instead of nginx reverse proxy.

Changed the image path to a buildfile instead with the following content: image

Then I added my cert files as volumes: image

Then i made a new misp.conf with 443 allowed, like so: image

From there I opened 443 in my firewall (I use Almalinux):

sudo firewall-cmd --zone=public --permanent --add-service=http
sudo firewall-cmd --zone=public --permanent --add-service=https
sudo firewall-cmd --reload

I also changed the ports from 443:443 to 0.0.0.0:443:443

And then i re-build with --build instead of -d when spawning the docker image.

I might have missed some steps, but this works for now.

norrig avatar Nov 07 '22 14:11 norrig