Support https URLs
As requested by Fermilab, Frontend and Factory should support also https for the staging and monitoring pages
This means that:
- Apache configuration should be changed accordingly
- Should be possible to keep http for sites that desire so
- Should be verified that the glideins reliability is not reduced (they should be able to connect also from workernodes that have no public IP, host certificate or CA certs directory)
- An option could be added to fail in case the server cannot be identified properly (the possibility to use only the checksums should remain)
#1 Updated by Marco Mambelli about 1 month ago
Even if small in sizes, the files from the Factory and Frontend are downloaded by thousands of glideins. They rely heavily on HTTP Proxies. Https would increase the load on the server and the latency for all jobs. We found no way to cache the files with https. Proxies are considered to be Man In The Middle attacker.
Only the monitoring pages should be moved to https.
Https should be enabled and the http requests for the monitoring area should be redirected to https.
An exemption should be requested for the staging area