Gazebo | Ignition | Community
Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

It’s been a while since I experimented with this, so some fiddling with my instructions may be necessary. Enabling HTTPS with gzweb requires modifying three files:

1.) Modify gzweb/start_gzweb.sh: Change this line:

./node_modules/.bin/http-server http/client &

to:

./node_modules/.bin/http-server -S -C [path to cert] -K [path to key] http/client &

Just replace the crt and key files with wherever you store yours. You may also need to set the –a option…? Not sure about that one. If you have a more recent copy of gzweb, there is a ‘-p $PORT’ section of the command that can be left in place

2a.) Modify gzweb/http/client/gz3d.js: Change line 2112:

url : 'ws://' + location.hostname + ':7681'

to:

url : 'wss://' + location.hostname + ':7681'

Yes, it’s just adding an ’s’ to the protocol. For more recent versions of gzweb, I’m not sure the location – check these: gz3d/build/gz3d.js:2234 (this could be generated by 2b below) gz3d/src/gziface.js:32 (most likely place)

2b.) Run gzweb/updateGZ3D.sh – this addresses code checking this change and minifying the JS again.

3.) Modify gzweb/gzbridge/ws_server.js: Change line 4:

var http = require('http');

to: (putting your key and cert file locations in the appropriate spots)

var https = require('https’); var fs = require(‘fs’); var options = { key: fs.readFileSync( ‘yourkeyfile’ ), cert: fs.readFileSync( ‘yourcrtfile’ ) };

Change line 32:

var server = http.createServer( function(request, response) {

to:

var server = https.createServer(options, function(request, response) {

That should about do it!

In our case, we are stuffing gzweb behind an F5, and it is handling the certificate for us. In this case, the only step I had to take was step 2.

It’s been a while since I experimented with this, so some fiddling with my instructions may be necessary. Enabling HTTPS with gzweb requires modifying three files:

1.) Modify gzweb/start_gzweb.sh: gzweb/start_gzweb.sh:

Change this line:

./node_modules/.bin/http-server

./node_modules/.bin/http-server http/client &

&

to:

./node_modules/.bin/http-server -S -C
  -C [path to cert] -K [path to key]
  key] http/client &

&

Just replace the crt and key files with wherever you store yours. You may also need to set the –a option…? Not sure about that one. If you have a more recent copy of gzweb, there is a ‘-p $PORT’ section of the command that can be left in place

2a.) Modify gzweb/http/client/gz3d.js: gzweb/http/client/gz3d.js:

Change line 2112:

url : 'ws://' + location.hostname +
  ':7681'

+ ':7681'

to:

url : 'wss://' + location.hostname +
  ':7681'

+ ':7681'

Yes, it’s just adding an ’s’ to the protocol. For more recent versions of gzweb, I’m not sure the location – check these: these:

  • gz3d/build/gz3d.js:2234 (this could could be generated by 2b below) below)
  • gz3d/src/gziface.js:32 (most likely likely place)

2b.) Run gzweb/updateGZ3D.sh gzweb/updateGZ3D.sh – this addresses code checking this change and minifying the JS again.

3.) Modify gzweb/gzbridge/ws_server.js: gzweb/gzbridge/ws_server.js:

Change line 4:

var http = require('http');

require('http');

to: (putting your key and cert file locations in the appropriate spots)

var https = require('https’);  var fs =
  require(‘fs’); = require(‘fs’);
var options = {    key:
  {
    key: fs.readFileSync( ‘yourkeyfile’ ),
    cert: fs.readFileSync( ‘yourcrtfile’
  ) };

‘yourcrtfile’) };

Change line 32:

var server = http.createServer(
  http.createServer( function(request, response) {

{

to:

var server =
  https.createServer(options,
  = https.createServer(options, function(request, response) {

{

That should about do it!

In our case, we are stuffing gzweb behind an F5, and it is handling the certificate for us. In this case, the only step I had to take was step 2.