#summary SSL Howto #labels Phase-Deploy,Featured
Tryton can be configured to use encrypted communication for all of its client protocols: JSON-RPC, XML-RPC and WebDAV. Each of these communication channels can be switched to use SSL.
Otherwise an eavesdropper would be able to intercept an unencrypted channel and get usernames and passwords.
You need to have this package installed on both systems (server, client):
And this one on server:
If your organization does not have set up a PKI, or if you are only setting up a test system, you may get along with a self-signed certificate. If you are looking for a place to get "real" certificates, please visit http://www.cacert.org.
You can generate a self-signed certificate with this command on the server:
openssl req -new -x509 -keyout /path/to/private/server.pem -out /path/to/certs/server.pem -days 365 -nodes
You must edit the configuration file (see the documentation).
You must restart the server.
- For the tryton client, there is no need to change anything. The client will use the SSL connection automatically and display a closed lock in the lower right corner.
- For WebDAV access you need to change the schema (first part of the URL) to
webdavs://(that is: append ans), while still using the same port. - For XML-RPC you need to change the schema (first part of the URL) to
https://(that is: append ans), while still using the same port.