hey folks this is a slightly techie question that may have been asked, but here goes - i'm running a server on a Bitnami stack and looks like i've got SMTP working to notify students that a new ID has been created for them. the only issue is the link that is sent back to them is a https:// secure link and will not load. however it will load unsecurely (as http://). i have a feeling that getting the https working probably requires an SSL token/ID to be configured someplace, and i can do this, but unless it's really easy, i'd like to just get things working as it is unsecurely, as we are not in a production mode yet. is there a way to configure Canvas or the server to send the authentication link unsecured?
any answers appreciated! thanks!
@scottrlooney , you are correct, that does seem pretty technical so I’m going to share this with the https://community.canvaslms.com/groups/canvas-developers?sr=search&searchId=7828036f-42ca-4480-b8da-... group in the Community. They are focused more onthe backend integration and programming stuff related to Canvas, and can hopefully help with this!
Hi @scottrlooney ,
I will admit I have not had any experience with the Bitnami installs, however there are a few avenues I would look at.
Before I go into those though, I will put on my 'governance panda' hat, because I think it is incredibly important. From a best practice and IT Security governance perspective, even in a beta/trial mode, even with only one or two users, I would strongly *strongly* recommend against operating over the http protocol under any circumstances. While the use of a test system might seem like it does not be secure and you are excited to get up and running, there are several areas that you should consider. The foremost in my mind is that people may use the same password on this system, as other systems. The moment they log in to this (even though it is a test server), this puts their credentials at significant risk. Additionally, any information sent to the system (even though it is a test environment) would be sent insecurely. When you extrapolate this further, that then puts your server and instance at risk also, should it be compromised there may be additional concerns you would have to consider. While this list is certainly by no means comprehensive, for this and a plethora of other issues, I would implore you to reconsider running over HTTP under any circumstances.
So, with that in mind, while I have not used Bitnami before, I will do my best to give you a few avenues to try to resolve the issue and get https working:
Look forward to hearing your thoughts.
We are giving the Canvas Admins area a little bit of love and just want to check in with you. This will also bring this question new attention.
Were you able to find an answer to your question? I am going to go ahead and mark this question as answered because there hasn't been any more activity in a while so I assume that you have the information that you need. If you still have a question about this or if you have information that you would like to share with the community, by all means, please do come back and leave a comment. Also, if this question has been answered by one of the previous replies, please feel free to mark that answer as correct.