{"id":151567,"date":"2021-11-01T03:55:02","date_gmt":"2021-11-01T03:55:02","guid":{"rendered":"https:\/\/onet.com.vn\/?p=151567"},"modified":"2022-11-13T10:56:33","modified_gmt":"2022-11-13T10:56:33","slug":"cai-dat-ssl-https-grafana-centos-7","status":"publish","type":"post","link":"https:\/\/onet.com.vn\/cai-dat-ssl-https-grafana-centos-7\/","title":{"rendered":"C\u00e0i \u0111\u1eb7t SSL HTTPS Grafana Centos 7"},"content":{"rendered":"

Grafana SSL<\/h2>\n
SSL is not installed by default when using the free, self-hosted community edition. If you purchase the cloud version, then SSL is configured automatically by default. You will need sudo access to the servers\u00a0\/etc\/grafana\/grafana.ini<\/strong>\u00a0file. Look for the HTTP options:<\/p>\n

Grafana HTTP options<\/h2>\n
There are two key fields that need changing in the\u00a0Grafana.ini<\/strong>\u00a0file:<\/p>\n
[server]
\nhttp_addr = dashboard.yourdomain<\/strong>.co.uk
\nhttp_port = 3000
\ndomain = yourdomain.co.uk
\nroot_url = https:\/\/grafana.yourdomain<\/strong>.co.uk:3000
\ncert_key\u00a0<\/strong>= \/etc\/grafana\/grafana.key<\/code> \nenforce_domain = False \nprotocol\u00a0<\/strong>= https<\/code> \nsocket = \nenable_gzip = False \ncert_file = \/etc\/grafana\/grafana.crt \nstatic_root_path = public \nrouter_logging = False<\/p>\n
Step 1 \u2013 Create an SSL Certificate<\/h2>\nI am using Red Hat Linux, but this will work on CentOS as well. You may need to check your appropriate documentation if you are using another flavor of Linux.<\/p>\n From the command line type:<\/p>\n openssl genrsa -out grafana.key 2048\r\n<\/code><\/pre>\n <\/p>\n You should see output like this:<\/p>\n <\/figure>\nStep 2 \u2013 Generate a certificate signing request<\/h2>\nFrom the command line type:<\/p>\n openssl req -new -key grafana.key -out grafana.csr<\/code><\/pre>\n <\/p>\n You should see output like this:<\/p>\n <\/figure>\nStep 3 \u2013 Output the certificate<\/h2>\nFrom the command line type:<\/p>\n openssl x509 -req -days 365 -in grafana.csr -signkey grafana.key -out grafana.crt<\/code><\/pre>\n <\/p>\n You should see output like this:<\/p>\n Note: If you type\u00a0ls -l<\/strong>\u00a0you will see your certificates<\/figcaption><\/figure>\nStep 4 \u2013 Set certificate key file ownership<\/h2>\nFrom the command line type:<\/p>\n sudo chown grafana:grafana grafana.crt\r\nsudo chown grafana:grafana grafana.key\r\nsudo chmod 400 grafana.key grafana.crt<\/code><\/pre>\n <\/p>\n Step 5 \u2013 Move certificate and key file to the Grafana installation folder<\/h2>\nFrom the command line type:<\/p>\n sudo mv grafana.crt grafana.key \/etc\/grafana\/\r\n<\/code><\/pre>\n <\/p>\n Step 6 \u2013 Edit the Grafana.ini file<\/h2>\nFrom the command line type:<\/p>\n sudo vim \/etc\/grafana\/grafana.ini<\/code><\/pre>\n\nLocate the #HTTP options. Set the properties as:<\/li>\n<\/ul>\n <\/p>\n protocol = https\r\ncert_key = \/etc\/grafana\/grafana.key\r\ncert_file = \/etc\/grafana\/grafana.crt<\/code><\/pre>\n <\/p>\n \nSave and close the file, and now restart the grafana service<\/li>\n<\/ul>\n <\/p>\n sudo service grafana-server restart<\/code><\/pre>\n<\/figure>\n <\/p>\n Step 7 \u2013 Browse to the server IP<\/h2>\nNow browse to the server IP address and you should be prompted with a warning. As this is a Self Signed Certificate, you will be prompted once like this:<\/p>\n <\/figure>\nNote: You will always have to accept this prompt (only once) unless you have purchased a Signed Certificate from a certificate authority vendor such as\u00a0https:\/\/www.digicert.com\/<\/a><\/p>\n That\u2019s it, thanks for taking the time to read this article. if you have any questions or feedback please write in the comment section below.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":" Grafana SSL SSL is not installed by default when using the free, self-hosted community edition. If you purchase the cloud version, then SSL is configured automatically by default. You will need sudo access to the servers\u00a0\/etc\/grafana\/grafana.ini\u00a0file. Look for the HTTP options: Grafana HTTP options There are two key fields that need changing in the\u00a0Grafana.ini\u00a0file: [server] […]<\/p>\n","protected":false},"author":1,"featured_media":151584,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33,466,468],"tags":[],"_links":{"self":[{"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/posts\/151567"}],"collection":[{"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/comments?post=151567"}],"version-history":[{"count":2,"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/posts\/151567\/revisions"}],"predecessor-version":[{"id":151587,"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/posts\/151567\/revisions\/151587"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/media\/151584"}],"wp:attachment":[{"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/media?parent=151567"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/categories?post=151567"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onet.com.vn\/wp-json\/wp\/v2\/tags?post=151567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}