From d6a92dd0ea42ec64f15b81843b4db62c7b186bdb Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Fri, 4 Sep 2015 14:38:38 +0200 Subject: [PATCH 1/2] [release notes] mention apache reverse proxy to re-enable SSL --- doc/release-notes.md | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/doc/release-notes.md b/doc/release-notes.md index 2fc601d435..293fc87979 100644 --- a/doc/release-notes.md +++ b/doc/release-notes.md @@ -27,6 +27,36 @@ Then, to tunnel a SSL connection on 28332 to a RPC server bound on localhost on It can also be set up system-wide in inetd style. +Another way to re-attain SSL would be to setup a httpd reverse proxy. This solution +would allow the use of different authentication, loadbalancing, on-thy-fly compressing and +caching. A sample config for apache2 could look like: + + Listen 443 + + NameVirtualHost *:443 + + + SSLEngine On + SSLCertificateFile /etc/apache2/ssl/server.crt + SSLCertificateKeyFile /etc/apache2/ssl/server.key + + + ProxyPass http://127.0.0.1:8332/ + ProxyPassReverse http://127.0.0.1:8332/ + # optional enable digest auth + # AuthType Digest + # ... + + # optional bypass bitcoind rpc basic auth + # RequestHeader set Authorization "Basic " + # get the from the shell with: base64 <<< bitcoinrpc: + + + # Or, balance the load: + # ProxyPass / balancer://balancer_cluster_name + + + Random-cookie RPC authentication --------------------------------- From a1df1e870b79200c70cf6a5e3201dab1e981a2a2 Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Fri, 4 Sep 2015 15:25:01 +0200 Subject: [PATCH 2/2] [docs] add libevent dependency to build-osx.md --- doc/build-osx.md | 2 +- doc/release-notes.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/build-osx.md b/doc/build-osx.md index dc319dd1c4..8fad8b5b00 100644 --- a/doc/build-osx.md +++ b/doc/build-osx.md @@ -32,7 +32,7 @@ Instructions: Homebrew #### Install dependencies using Homebrew - brew install autoconf automake berkeley-db4 libtool boost miniupnpc openssl pkg-config protobuf qt5 + brew install autoconf automake berkeley-db4 libtool boost miniupnpc openssl pkg-config protobuf qt5 libevent NOTE: Building with Qt4 is still supported, however, could result in a broken UI. As such, building with Qt5 is recommended. diff --git a/doc/release-notes.md b/doc/release-notes.md index 293fc87979..e61933ddb2 100644 --- a/doc/release-notes.md +++ b/doc/release-notes.md @@ -28,7 +28,7 @@ Then, to tunnel a SSL connection on 28332 to a RPC server bound on localhost on It can also be set up system-wide in inetd style. Another way to re-attain SSL would be to setup a httpd reverse proxy. This solution -would allow the use of different authentication, loadbalancing, on-thy-fly compressing and +would allow the use of different authentication, loadbalancing, on-the-fly compression and caching. A sample config for apache2 could look like: Listen 443