CUE Configuration (HTTPS)

CUE Configuration involves configuring both CUE itself and the nginx web server used to host it (for more about this, see the CUE documentation). The CUE configuration file /etc/escenic/cue-web-version/config.yml must contain the following setting identifying the Content Store web service to connect to:

endpoints:
  escenic: "https://cue.mydomain.com/webservice/index.xml"

The required nginx configuration is as follows:

• In /etc/nginx/sites-available/default:

  server {
    include /etc/nginx/certs/*.conf;
    include /etc/nginx/default-site/*.conf;
  }

• In /etc/nginx/default-site/cue-web.conf:

  location /cue-web/ {
          alias /var/www/html/cue-web/;
          expires modified +310s;
  }

• In /etc/nginx/default-site/webservice.conf:

  location ~ "/(escenic|studio|webservice|webservice-extensions)/(.*)" {
      proxy_set_header Host $http_host;
      proxy_pass http://editorial.mydomain.com:8443/;
  }

• In /etc/nginx/conf.d/request-entity-size-limit.conf:

  client_max_body_size 0;

• In /etc/nginx/certs/cue.mydomain.com.conf:

  listen 443 ssl;
  server_name cue.mydomain.com
  ssl_prefer_server_ciphers On;
  ssl_certificate /etc/nginx/certs/cue.mydomain.com.pem;
  ssl_certificate_key /etc/nginx/certs/cue.mydomain.com.key;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS;

  This configuration is based on the assumption that you have obtained and installed a valid SSL certificate. For information on how to do this, please see the documentation of your chosen certificate supplier.