shiny ssl setup
prerequisites:
  • elastic IP of EC2 instance
  • ssh access to EC2 instance
  • access to AWS Route 53
  • access to namecheap account

  1. purchase domain name on namecheap.com (e.g. foo_shiny.com), include SSL
  1. configure DNS on AWS Route 53:
  1. create hosted zone for shiny.com
  1. add DNS record in hosted zone (type A, no subdomain, value elastic IP of EC2 instance)
  1. add same record as b but with www subdomain
  1. copy nameservers from NS record
  1. configure DNS on namecheap: add nameservers as “Custom DNS”

  1. ssh into EC2 instance
  1. generate private key:
  • sudo openssl genrsa -out private.key 2048
  1. generate CSR:
  • sudo openssl req -new -key private.key -out csr.pem
  1. fill in all fields prompted, common name = foo_shiny.com
  1. cat csr.pem → copy text

  1. on namecheap SSL certificates: “Activate”
  1. paste CSR
  1. use DCV method: CNAME record
  1. “Get Record” → create CNAME record in Route 53
  1. wait for cert approval, then download files

  1. configure shiny server SSL cert
  1. copy cert files onto EC2 instance
  • scp -r -i ~/.ssh/<key>.pem ~/path/to/cert ubuntu@<elasticIP>:/home/ubuntu/
  1. move cert files and private.key to /etc/shiny-server
  • move/copy crt filesand private.key to /etc/rstudio-connect
  1. edit /etc/shiny-server/shiny-server.conf
server {
  listen 443;
  ssl /etc/shiny-server/private.key /etc/shiny-server/shiny_com.crt;
  1. restart shiny server
  • sudo systemctl restart shiny-server
  1. move/copy crt file and private.key to /etc/rstudio-connect
  1. edit /etc/rstudio-connect/rstudio-connect.gcfg if needed:
[HTTPS]
Listen = :443
Certificate = /etc/rstudio-connect/foo-shiny_com.crt
Key = /etc/rstudio-connect/private.key

[HTTPRedirect]
Listen = :80
  1. restart shiny server
  • sudo systemctl restart rstudio-connect