Feature request for FOG 1.6.x - Move WebUI to HTTPS protocol

  • Moderator

    Consider switching over to HTTPS for the main FOG WebUI interface and moving the FOG Clients off the HTTP port to a dedicated port above port 1024. The FOG clients could technically stay on port 80 while the main web ui site moves to https. A filter could be added to port 80 to block non client traffic it would be akin to the block setup on the hostinfo.php to keep people with browsers from accessing this file. The FOG clients would just use a custom http header unique to the FOG Client.

  • Moderator

    @george1421 We use the certificate store. Though this is something else I was hoping to change in the future because Mono on Linux and Mac OS X have a long history of issues with the certificate store and we might think about keeping the certs just in files on the disk. I have not had the time to think this through. Might be a dead road…

  • Moderator

    @Sebastian-Roth said in Feature request for FOG 1.6.x - Move WebUI to HTTPS protocol:

    internal hand made crypto stuff and just rely on HTTPS instead

    This may be hard since isn’t the certificate compiled into the fog client or does it use the Microsoft certificate store to house the certificate?

  • Moderator

    @george1421 The fog-client is able to communicate over HTTPS and I was thinking about getting rid of the internal hand made crypto stuff and just rely on HTTPS instead.

352
Online

9.6k
Users

16.0k
Topics

147.9k
Posts