Enabling HTTPS for Nakama Console

Game Design
1

Starting this new topic to ask if there is some how-to or best practice to enable HTTPS for the newer Nakama Console (version 3.+).

It’s been more than a year since the last related questions and from there I couldn’t figure out the best way to configure our server with this security requirement.

2

@landrade This is not specific to the game server. You can use the SSL support built-into the server and configure the SSL keys which we don’t recommend in production; or you can put a load balancer in front of the server which you can configure for SSL negotiation.

2 Likes
3

I meant activating SSL only for the Nakama Console using a Public CA so that the browser recognizes the site as safe.

image
image922×581 17.3 KB

4

@landrade I fully understand what you’re asking and as I said above its up to you to set up your load balancer configuration appropriately to use SSL.

SSL-enabled-console
SSL-enabled-console1950×1320 55.7 KB

5
  1. Get SSL wrapper from GitHub - cesanta/ssl_wrapper: Wrap plain TCP traffic into SSL
  2. You have to have PEM certificate that you browser accepts.
  3. build the SSL wrapper. (and follow the PEM instructions)
  4. In your config.yaml, set your port 7351 to use address 127.0.0.1
  5. Then run ssl_wrapper ssl_wrapper ssl://{YOUR-PUBLIC-IP}:7351:{YOUR-PEM-FILE}.pem 127.0.0.1:7351

Then you can https://YOURSERSERVER:7351

6

And for UNIX/Linux do a chmod og-rwx on your PEM file.
I have no idea how to restrict read restrictions on other OS’s.