Enabling SSL

Enabling SSL certificates for your OpenEDX instance using letsencrypt

You have just set up your openedx instance. Congratulations! But, the work is not done yet: you need to protect it with security information like an SSL certificate which will encrypt and decrypt all of that data in transit between the user's browser and our servers. This ensures only encrypted traffic passes for anyone trying to listen on any network along its way from their device through Wi-Fi or cellular networks to us, so they are always safe when using this site without risking personal identity theft or fraud.

Before starting the instruction, SSH to the remote server first

Nginx Setup

Go to /edx/app/nginx/sites-available/lmsAnd add a new line for server_name if it doesn't already exist. This line should include domain names for LMS and PREVIEW. Same as what you assign to EDXAPP_LMS_BASE and EDXAPP_PREVIEW_LMS_BASE in the configs.yml file

Example

server {
  server_name academy.com preview.academy.com
  .
  .
  .
  .
  .
  .

Now Go to /edx/app/nginx/sites-available/cmsAnd add a new line for server_name if it doesn't already exist. This line should include domain names for STUDIO. Same as what you assign to EDXAPP_CMS_BASE in the configs.yml file

server {
  server_name studio.academy.com
  .
  .
  .
  .
  .
  .

Install SSL with Letsencrypt

Go to https://certbot.eff.org and follow their instructions on how to install and enable SSL. Make sure you choose Nginx as the software and the version of Ubuntu you have installed in your server.

Set HTTPS redirect to true. So all the HTTP requests automatically get redirected to secure traffic.

Last updated