From: Ben Shum <bshum@biblio.org>
Date: Sat, 13 Sep 2014 22:23:46 +0000 (-0400)
Subject: LP#1369169: Mention the requirement for valid SSL certificate
X-Git-Tag: osrf_rel_2_5_0-alpha~59
X-Git-Url: http://git.equinoxoli.org/?p=opensrf-equinox.git;a=commitdiff_plain;h=8fb8d3b03cea233e15551614171ee3706c89ca69

LP#1369169: Mention the requirement for valid SSL certificate

The apache2-websockets instance will not start without a valid SSL certificate
in /etc/apache2/ssl.  Include a mention of this in the README with the extra
stipulation that it is still possible to use a self-signed SSL certificate for
testing purposes, but this is not recommended for live installations.

Signed-off-by: Ben Shum <bshum@biblio.org>
Signed-off-by: Bill Erickson <berickxx@gmail.com>
---

diff --git a/README b/README
index 4159dfa..8631eb0 100644
--- a/README
+++ b/README
@@ -419,7 +419,13 @@ export OSRF_WEBSOCKET_MAX_REQUEST_WAIT_TIME=600
     died on the server, and thus no response was ever delivered to the gateway.
   * CONFIG_FILE / CTXT are the standard opensrf core config options.
 
-7. After OpenSRF is up and running (or after any re-install),
+7. Before you can start websockets, you must install a valid SSL certificate 
+   in `/etc/apache2/ssl/`.  It is possible, but not recommended, to generate a 
+   self-signed SSL certificate.  For example, if you need to test with a self-signed 
+   certicate on Chrome or Chromimum browsers, one workaround is to start the browser 
+   with `--ignore-certificate-errors`.
+
+8. After OpenSRF is up and running (or after any re-install),
    fire up the secondary Apache instance. Errors will appear in
    `/var/log/apache2-websockets/error.log`. Start apache2-websockets with:
 +