Enabling HTTPS

Before you begin, purchase an SSL certificate and download the SSL *.cert file and SSL *.key file.

NOTE: If security is not an issue, for testing, you may set up a self-signed SSL certificate. For more information, see http://www.selfsignedcertificate.com/.

  1. Save the SSL *.cert file and an SSL *.key file in your home directory.

  2. Configure the server to use those keys and the correct ports:

    anaconda-server-config --set ssl_options.keyfile ~/localhost.key
    anaconda-server-config --set ssl_options.certfile ~/localhost.cert
    anaconda-server-config --set port 8443
  3. Restart your server for the changes to take effect:

    supervisorctl restart all
  4. To test, navigate to the site using https in the address bar.

    NOTE: If you use a self-signed SSL certificate, your web browser issues a warning that the website certificate cannot be verified.

Next, configure your client side tools conda and anaconda-client to pull packages from the local repo by setting the ssl_verify flags.

Configure conda

If your conda client is configured to point to this local repo, update the configuration file .condarc to contain the ssl_verify flag. If you’re using a self-signed certificate, configure the ssl_verify flag in .condarc to point to the root CA used to sign the Anaconda Enterprise Repository server certificate.

Configure anaconda-client

If you’re using anaconda-client to connect to Anaconda Enterprise Repository with the command line, set the ssl_verify flag.

Use anaconda config --files to find the anaconda-client configuration files.

SEE the command reference for updating the client sites configuration for anaconda-client.