We are using Open edX powered by Bitnami on AWS Cloud Ironwood release.
We want to use HTTPS for Open edX:
- Learning Management System (LMS)
- Content Management System (CMS) or Studio
- Admin
First of all, get an SSL certificate from a provider such as Comodo.
You will get several files but we will only be using three:
- A certificate key file: example_com.key
- A certificate file: example_com.crt
- A CA certificate file: example_com.ca-bundle
Put all of these in ~/apps/edx/conf/certs
Use a subdomain for the CMS/Studio. If you haven’t already done so have a look at this article.
Now let’s edit the ~/apps/edx/conf/httpd-vhosts.conf file and add a virtual host at port 443 for the LMS and the CMS. Put a Redirect permanent on each virtual host listening on port 80 so any call to http will be redirected to https.
<VirtualHost *:80>
ServerName lms.example.com Redirect permanent / https://lms.example.com/
Include “/opt/bitnami/apps/edx/conf/httpd-lms.conf”
</VirtualHost><VirtualHost *:443>
ServerName lms.example.com
# ServerAlias *SSLEngine on
SSLCertificateFile “/opt/bitnami/apps/edx/conf/certs/example_com.crt”
SSLCertificateKeyFile “/opt/bitnami/apps/edx/conf/certs/example_com.key”
SSLCACertificateFile “/opt/bitnami/apps/edx/conf/certs/example_com.ca-bundle” Include “/opt/bitnami/apps/edx/conf/httpd-lms.conf”
</VirtualHost><VirtualHost *:80>
ServerName studio.example.com Redirect permanent / https://studio.example.com/
Include “/opt/bitnami/apps/edx/conf/httpd-cms.conf”
</VirtualHost><VirtualHost *:443>
ServerName studio.example.com SSLEngine on
SSLCertificateFile “/opt/bitnami/apps/edx/conf/certs/example_com.crt”
SSLCertificateKeyFile “/opt/bitnami/apps/edx/conf/certs/example_com.key”
SSLCACertificateFile “/opt/bitnami/apps/edx/conf/certs/example_com.ca-bundle” Include “/opt/bitnami/apps/edx/conf/httpd-cms.conf”
</VirtualHost>
Save ~/apps/edx/conf/httpd-vhosts.conf and now let’s edit ~/apps/edx/conf/httpd-lms.conf and comment out some lines to enable remote access to Django admin console:
# Disable remote access to Django admin console
# <Location “/admin”>
# Require local
# ErrorDocument 403 “For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.”
# </Location>Save ~/apps/edx/conf/httpd-lms.conf and restart apache and edx processes:
$ sudo /opt/bitnami/ctlscript.sh restart apache
$ sudo /opt/bitnami/ctlscript.sh restart edxAnd we’re done!
Now you can access your LMS, CMS and Admin on https://lms.example.com, https://studio.example.com and https://lms.example.com/admin.
