10. Add SSL Support

(Optional, but recommended)

The SSL protocol provides for a secure channel of communication between the user’s browser and the Open OnDemand portal.


  • a server name that points to the Open OnDemand server (webdev05.hpc.osc.edu)
  • signed SSL certificates with possible intermediate certificates


You may use Let’s Encrypt to obtain a free SSL certificate. You can read more about it in their Getting Started documentation.

In this example the certificates are located at:

# Public certificate

# Private key

# Intermediate certificate
  1. Install the necessary Apache module to use SSL:

    sudo yum install httpd24-mod_ssl.x86_64
  2. Update the Apache config with the server name and paths to the SSL certificates. This requires modifying the configuration file for the ood-portal-generator.

    cd ~/ood/src/ood-portal-generator
  3. Configuration is handled by editing the config.yml as such:

    servername: webdev05.hpc.osc.edu
      - 'SSLCertificateFile "/etc/pki/tls/certs/webdev05.hpc.osc.edu.crt"'
      - 'SSLCertificateKeyFile "/etc/pki/tls/private/webdev05.hpc.osc.edu.key"'
      - 'SSLCertificateChainFile "/etc/pki/tls/certs/webdev05.hpc.osc.edu-interm.crt"'


    For documentation on SSL directives please see: https://httpd.apache.org/docs/2.4/mod/mod_ssl.html

  4. Re-build the Apache config:

    scl enable rh-ruby22 -- rake
  5. Copy it over to the default location:

    sudo scl enable rh-ruby22 -- rake install
  6. Restart the Apache server:

    sudo service httpd24-httpd restart


    If using RHEL 7 you will need to replace the above command with:

    sudo systemctl restart httpd24-httpd

When you visit the portal in your browser now it should redirect any http traffic to the proper https protocol.

http://webdev05.hpc.osc.edu => https://webdev05.hpc.osc.edu