4. Add SSL Support

(Optional, but recommended)

The SSL protocol provides for a secure channel of communication between the user’s browser and the Open OnDemand portal.


  • a server name that points to the Open OnDemand server (ondemand.my_center.edu)

  • signed SSL certificates with possible intermediate certificates


You may use Let’s Encrypt to obtain a free SSL certificate. You can read more about it in their Getting Started documentation.

In this example we assume the following certificates are provided:

Public certificate


Private key


Intermediate certificate


  1. Edit the Open OnDemand Portal ood_portal.yml file /etc/ood/config/ood_portal.yml as such:

    # /etc/ood/config/ood_portal.yml
    # ...
    servername: ondemand.my_center.edu
      - 'SSLCertificateFile "/etc/pki/tls/certs/ondemand.my_center.edu.crt"'
      - 'SSLCertificateKeyFile "/etc/pki/tls/private/ondemand.my_center.edu.key"'
      - 'SSLCertificateChainFile "/etc/pki/tls/certs/ondemand.my_center.edu-interm.crt"'


    For documentation on SSL directives please see: https://httpd.apache.org/docs/2.4/mod/mod_ssl.html

  2. Build/install the updated Apache configuration file:

    sudo /opt/ood/ood-portal-generator/sbin/update_ood_portal
  3. Restart the Apache server to have the changes take effect:

    CentOS/RHEL 7:
    sudo systemctl try-restart httpd24-httpd.service httpd24-htcacheclean.service

Now when you browse to your OnDemand portal at:


it should redirect you to the HTTP over SSL protocol deployment:


where depending on your browser, should display a green lock of some kind to indicate that the site is secure.