By default REM runs over HTTP in the bundled Jetty web server. If additional security is required, there are a couple ways in which REM can be run over HTTPS.
An example configuration for HTTPS is provided in recent versions of
REM. To enable this, open the
start.ini file and uncomment the ssl
and https modules:
-# --module=ssl +--module=ssl
-# --module=https +--module=https
You will also need to provide or create a proper web keystore (by default
etc/keystore inside the main
For more detailed instructions on creating a keystore and configuring HTTPS in Jetty, see Configuring Security in the Jetty documentation.
If you have an existing Apache installation that is already configured to use HTTPS, then you may wish to serve REM through that.
The setup can be a bit complicated on the Apache side and a couple different options are available.
For detailed instructions see How to use Jetty with Apache, AJP, mod_jk, mod_proxy_balancer