graphite-dev team mailing list archive

Thread
Date

[Question #245231]: graphite-web via https

To: graphite-dev@xxxxxxxxxxxxxxxxxxx
From: Les Stott <question245231@xxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 10 Mar 2014 04:51:18 -0000
Reply-to: question245231@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

New question #245231 on Graphite:
https://answers.launchpad.net/graphite/+question/245231

I am just beginning to use graphite, and getting familiar with all of its related components.  
We want to be able to secure access to graphite, at least for admin login pages so that usernames and passwords are transferred securely. Or, alternatively, enforce https for graphite-web (although i read where this may cause slowness).

Our implementation sits on redhat 6.4 using standard graphite packages from epel, and it will be served from apache.

Complicating things is that this box already runs FreeIPA, and its web interface seems to not play well with graphite-web when trying to setup https access (FreeIPA puts a rewrite rule in place to redirect requests from http to https).

So i'm looking for best practices (and or any ways that users have made it work) and how to implement https for graphite-web in an apache environment with multiple virtual hosts. 

What is the best way to ensure https security for graphite? (at least for admin pages if not desirable for the whole site)

What is the easiest or best way to implement it on a server using ssl with other virtual hosts? different port for virtual host, namebasedvirtualhost? 

Thanks in advance,

Les

 

-- 
You received this question notification because you are a member of
graphite-dev, which is an answer contact for Graphite.