6.2.5.1 Enabling HTTPS in the RLM Web Server

Starting in version 16.0, HTTPS is enabled by default and will generate a self-signed certificate (rlm-cert.pem) and key (rlm-key.pem) on startup, if they do not exist. To use your own certificate and key, use the two startup options, -sslcert and -sslpriv to point to your SSL certificate and SSL private key.

e.g.:

% ./rlm -sslcert /path/to/cert.pem -sslpriv /path/to/privkey.pem

Tip: If you rename your certificate “rlm-cert.pem” and your key “rlm-key.pem”, and overwrite the self-signed copies in the working directory, RLM will pick them up automatically.

You can access your web server by typing ServerHostName:5054 (be sure to include the https:// if you are not automatically redirecting the url via other means).

If you are running your server as root/administrator, it is possible to set your web server to run on port 443 (the default HTTPS port) by running the following:

% ./rlm -sslcert /path/to/cert.pem -sslpriv /path/to/privkey.pem -ws 443

While running on port 443 and pointing at valid SSL certificate and private key, your browser should automatically redirect to https:// without needing to type it explicitly. i.e., typing ServerHostName should take you to ServerHostName:443.

Attention: Due to the self-signed nature of the automatically generated certificate, your browser will likely display a warning before you can get to the web server. Traffic to the web server will still be encrypted.

Self-signed certificates can not be generated with a password to use the web server.