Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-31-2013, 07:42 AM
|
#1
|
Member
Registered: Jan 2013
Location: EU
Distribution: Debian
Posts: 269
Rep:
|
Protecting the unprotected with SSL/TLS
Hey!
Suppose I have a linux server where a given networking service is running. This service is listening on a certain port i.e. 80 for incoming connections and is serving HTTP content - it has a built-in HTTP server. The application does not support secure connections. Is there a way in linux to enable SSL/TLS secure connections for applications that don't natively support it?
Here's what I'm doing:
I'm building a video surveillance device from various components - I disassembled an HD webcam, a TP-LINK TL-MR3020 router, and installed them in a "fake outdoor camera" housing to build a real IP cam. The TL-MR3020 router is flashed with OpenWRT Barrier Breaker firmware, and is offering videostream content via the ethernet port. I am using mjpg_streamer that has a built-in http server, but it does not support SSL. I would like to access such content over a secure connection. Is this possible?
Any suggestions?
Kind regards,
~displace
|
|
|
10-31-2013, 08:56 AM
|
#2
|
Member
Registered: Sep 2004
Location: Japan
Distribution: RHEL9.4
Posts: 735
Rep:
|
Yes. Run an http service i suppose mod proxy can work too. Then use mod_rewrite to change the service to accept only https connections.
Sorry i am not of more help but today was a long day and hitting some cans of beer.
Anyhow you want something like this.
http://acespritechblog.wordpress.com...-ubuntu-12-04/
Check apache config. Openerp runs as a perl script i think it was, but strange port. I still have the vm, i will try to boot it over the weekend and show my scripts more or less.
|
|
|
11-01-2013, 08:39 AM
|
#3
|
Member
Registered: Jan 2013
Location: EU
Distribution: Debian
Posts: 269
Original Poster
Rep:
|
mod_rewrite... that sounds like apache to me. I'm running OpenWRT here, so installing apache on it would be an overkill. Is there something more lightweight? It would probably have to be a proxy, but TBH I haven't used any proxies yet, so I'm mostly swimming in unfamiliar waters. Next I'll also have to block access to the unsecured port, but I take it this can easily be done with iptables.
|
|
|
11-02-2013, 12:14 AM
|
#4
|
Member
Registered: Sep 2004
Location: Japan
Distribution: RHEL9.4
Posts: 735
Rep:
|
Yes. I read your post with my eyes glued to my bum.
Sorry. Am talking about apache. But, the only way i am aware of doing what you request is by rewriting the url or using a proxy in order to force https. Maybe with wrt you can get into the configs and do something from there. If not you will need some extra hardware or services somewhere.
|
|
|
11-02-2013, 07:37 AM
|
#5
|
Member
Registered: Sep 2004
Location: Japan
Distribution: RHEL9.4
Posts: 735
Rep:
|
I had a look at their website and your system supports many httpd servers. Is it possible to maybe change to a more widely used httpd service?
You might find these links useful.
http://wiki.openwrt.org/doc/howto/http.overview
http://wiki.openwrt.org/doc/howto/http.overview
But essentially you are looking for setting up a reverse proxy. You then would use a virtual host and the incomming connections connecting to it are accepted on https. You can do that on most servers I would assume.
So figure out what http server you use, and there would likely be a ssl reverse proxy guide for it.
Last edited by ericson007; 11-02-2013 at 10:38 AM.
|
|
|
All times are GMT -5. The time now is 04:30 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|