Skip to end of metadata
Go to start of metadata

Setting up SSL for Scalr is very straightforward. Scalr-server.rb config looks like the following:

# Uncomment to enable SSL
proxy[:ssl_enable] = true
proxy[:ssl_redirect] = true
proxy[:ssl_cert_path] = "/etc/ssl/scalrcert.crt"
proxy[:ssl_key_path] = "/etc/ssl/scalrkey.key"
routing[:endpoint_scheme] = ‘https'

SSL config documentation is available in the Basic Configuration section under the header “Proxy options.”  At a minimum, you will need to enable SSL by uncommenting all appropriate lines in the SSL config block, specify your cert and key path, and ensure that you open port 443 in your Scalr server firewall (iptables).  You should either have your own cert, or use openssl to generate a self-signed cert for this purpose.  Be sure to run reconfigure (scalr-server-ctl reconfigure) after making these modifications to scalr-server.rb so that the changes take effect.  Once this is done successfully you should be able to login to the Scalr server UI over HTTPS.  

Keep in mind that previously provisioned instances will have hard coded metadata based on the scalr-server.rb file that was present at the time they were provisioned.  In some cases this can not be changed and you will need to kill and let Scalr re-provision instances with the new connection info.
  • No labels