.. _gunicorn-ssl-support: Gunicorn SSL support -------------------- :term:`Gunicorn` wsgi server allows users to use HTTPS connection directly without a need to use HTTP server like Nginx or Apache. To Configure SSL support directly with :term:`Gunicorn` you need to simply add the key and certificate paths to your configuration file. 1. Open the :file:`home/{user}/.rccontrol/{instance-id}/rhodecode.ini` file. 2. In the ``[server:main]`` section, add two new variables called `certfile` and `keyfile`. .. code-block:: ini [server:main] host = 127.0.0.1 port = 10002 use = egg:gunicorn#main workers = 1 threads = 1 proc_name = RhodeCodeEnterprise worker_class = sync max_requests = 1000 timeout = 3600 # adding ssl support certfile = /home/ssl/my_server_com.pem keyfile = /home/ssl/my_server_com.key 4. Save your changes. 5. Restart your |RCE| instance, using the following command: .. code-block:: bash $ rccontrol restart enterprise-1 After this is enabled you can *only* access your instances via https:// protocol. Check out more docs here `Gunicorn SSL Docs`_ .. note:: This change only can be applied to |RCE|. VCSServer doesn't support SSL and should be only used with http protocol. Because only |RCE| is available externally all communication will still be over SSL even without VCSServer SSL enabled. .. _Gunicorn SSL Docs: http://docs.gunicorn.org/en/stable/settings.html#ssl