Networking

Configuring Network Ports in Posit Package Manager

By default, Package Manager uses port 4242 for HTTP and port 443 for HTTPS. When configuring Posit Package Manager for either HTTP or HTTPS, it is recommended to set the port of the unused protocol to an empty value. For example, if configuring Posit Package Manager to only use HTTPS, then the HTTP port should be set to an empty value like the following:

File: /etc/rstudio-pm/rstudio-pm.gcfg
[HTTP]
Listen =

If configuring Posit Package Manager to only use HTTP, then the HTTPS port would be set to an empty value like such:

File: /etc/rstudio-pm/rstudio-pm.gcfg
[HTTPS]
Listen =

Configuring a custom HTTP port

You can configure custom network ports by editing the configuration file and restarting Package Manager.

For example, to change the HTTP port to 80, add the following lines to the Package Manager configuration file:

File: /etc/rstudio-pm/rstudio-pm.gcfg
[HTTP]
Listen = :80

Then, restart Package Manager by running the following command:

Terminal
sudo systemctl restart rstudio-pm

For more information on network ports and other related settings, refer to the HTTP settings and HTTPS settings of the appendix.

Configuring SSL Certificates

You can configure SSL/TLS certificates by editing the configuration file to point to the relevant PEM-encoded private key and certificate files and restarting Package Manager.

To configure SSL certificates, add the following lines to the Package Manager configuration file:

File: /etc/rstudio-pm/rstudio-pm.gcfg
[HTTPS]
Listen = :443
Certificate = <PATH-TO-CERTIFICATE-FILE>
Key = <PATH-TO-KEY-FILE>
Important

Posit Package Manager does not allow certificate private keys to have a passphrase. Remove the passphrase if one exists by using the following example:

Terminal
openssl rsa -in [original.key] -out [new.key]

Modifying HTTP.Listen or HTTPS.Listen to use a privileged port

When modifying HTTP.Listen or HTTPS.Listen to use a privileged port under 1024 like the configuration example above, you must grant the Package Manager binary permission to do so by issuing the following command:

Terminal
sudo setcap 'cap_net_bind_service=+ep' /opt/rstudio-pm/bin/rstudio-pm

Reference the Privileged Ports section for more details.

Then restart Package Manager by running the following command:

Terminal
sudo systemctl restart rstudio-pm

Configuring HTTP to HTTPS redirects

To redirect all HTTP traffic to the secure HTTPS endpoint, add the following lines to the Package Manager configuration file:

/etc/rstudio-pm/rstudio-pm.gcfg
[Server]
Address = https://<SERVER-ADDRESS>

[HTTPS]
Listen = :443
Permanent = true
Certificate = <PATH-TO-CERTIFICATE-FILE>
Key = <PATH-TO-KEY-FILE>

[HTTPRedirect]
Listen = :80
Note

For HTTP to HTTPS redirects to work properly, ensure that you remove the HTTP.Listen option from the configuration file if you have defined it.

Then restart Package Manager by running the following command:

Terminal
sudo systemctl restart rstudio-pm

For more information on SSL certificates and other related settings, refer to the HTTPS settings of the appendix.

Back to top