OpenUEM - An Open Source Unified Endpoint Manager
Let's Encrypt support for console #5
Replies: 4 comments 2 replies
-
|
Hi @formula349, first of all, thanks for reaching me out and evaluating OpenUEM. As many reverse proxies and K8s ingress controllers out there can generate Let’s Encrypt certificates requests to serve HTTPS traffic, it’d be a nice addition to have for serving the console. The problem is that Let’s Encrypt CA cannot be used to generate certificates like those used by OpenUEM components and user authentication, but I’ll think about a way that allows deployment with Let’s Encrypt to get access to the console. |
Beta Was this translation helpful? Give feedback.
-
|
@formula349 I've created issue #8 to keep track of further progress Thanks! |
Beta Was this translation helpful? Give feedback.
-
|
I think that the right approach would be placing the console behind a reverse proxy that can make use of Let’s Encrypt certificate and forward the UI and authentication requests to the console. Is this a valid proposal for you and if so, which proxy or scenario would you like to be tested and documented by me? For example, I may add a reverse proxy container to the docker deployment. Or do you propose that, when the console is installed facing directly to the internet, it requests a certificate from Let’s Encrypt and be used without a reverse proxy? Thanks in advance @formula349 |
Beta Was this translation helpful? Give feedback.
-
|
I agree that the reverse proxy is the right production decision. I was just wanting to play around with it. It would be nice to have the automatic letsencrypt for that scenario, but I don't know that it's more important than your roadmap and other new features. |
Beta Was this translation helpful? Give feedback.
-
|
Right now, I want to make it easy to install and test OpenUEM and I LOVE your suggestion so I think I'll add a proxy to the docker compose that can make use of Let's Encrypt, if you agree that it would benefit prospect users. Thanks a lot for playing with OpenUEM, any feedback is much appreciated. |
Beta Was this translation helpful? Give feedback.
-
|
Yes I agree it would improve the trial experience. I know that MeshCentral has this feature built in if that helps. https://ylianst.github.io/MeshCentral/meshcentral/SSLnletsencrypt/ |
Beta Was this translation helpful? Give feedback.
-
I don't see anything in the docs regarding using letsencrypt for the console HTTPS. Would this be possible to do at some point?
Beta Was this translation helpful? Give feedback.
All reactions