[SOLVED] Sync GUI - force_https & SSL configuration

[DarkShell]

Hi - so I've configured the Sync GUI to use a self signed certificate over HTTPS, but am running into two issues:

1) Even when setting the force_https setting as "true" in the Sync config file, I can still browse to the GUI over normal HTTP. For example I type http://192.168.1.1:8888/gui and get prompted for login/password. I'd like all login requests to go over HTTPS for security reasons.

2) The self signed certificate I generated is signed using SHA2, but when I login to the Sync GUI and view the certificate Google Chrome says the cert is insecure because it is signed using SHA1. It appears my cert is not used even though it's defined in the configuration file.

Here is SSL info from my configuration file:
/* ssl configuration */
  ,"force_https" : true // disable http
  ,"ssl_certificate" : "/home/ssl/sync.crt"
  ,"ssl_private_key" : "/home/ssl/sync.key"

Sync is installed on Ubuntu 16.04 on ARM architecture. I appreciate any help with either question above. Thanks!

[DarkShell]

I figured out the issue here - user error

I was using this command assuming it was applying the configuration:

./rslsync --config /home/sync.conf

But it was not, as the configuration comes from the file /etc/resilio-sync/config.json. So added the parameters to that file:

"webui" :
    {
        "listen" : "0.0.0.0:888",
        "force_https" : true,
        "ssl_certificate" : "/home/ssl/sync.crt",
        "ssl_private_key" : "/home/ssl/sync.key"
    }

Restarted the service and boom everything works properly.