Navigate to
/opt/gpudb/httpd/conf/data.confand uncomment the following settings, ensuring you replace the SSLCertificateFile and SSLCertificateKeyFile setting values with the proper file paths. Read the Apache HTTPD SSL Docs for more informationSSLEngine On ... SSLCertificateFile </path/to/cert> SSLCertificateKeyFile </path/to/key> SSLProxyEngine On RequestHeader set X-Forwarded-Proto "https"
Important
The following settings are optional but provide greater security. Depending on what version of OpenSSL is installed on the system, the TLS version should be updated. Note that TLS version 1.1 is being retired after the first part of 2020. The SSLCipherSuite setting can also be upgraded, e.g., SSLCipherSuite HIGH:!aNULL:!MD5:
SSLProtocol -all +TLSv1.2 SSLCipherSuite HIGH:MEDIUM Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure Header set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT" Header set Access-Control-Max-Age "1000" Header set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
