Teleport HTTPS with a FQDN on Apache

I have an apache server running on my machine with HTTPS and a FQDM. I have tried installing teleport so that I can access my machine with my domain name. When I add the certificate to the proxy ports in my apache config file it will not work because teleport is using them. How should I go about doing this?

Hey @calebdane.r,

Which version of Teleport are you using?

Can you provide any logs. If Teleport services are not starting, you can take a look at the syslog:

sudo journalctl -fu teleport

I assume you updated your advertise_ip accordingly in your teleport.yaml file - the value can be specified as an FQDN.

Also can you elaborate on your current set up. Are you attempting to put a local Apache proxy in front of Teleport? If so, I recall seeing the Apache config does not explicitly support websockets so this may be the issue you are running into. Although such a set up would be possible, it is recommended to hit the backend directly and bypass Apache completely if possible. Teleport is capable of terminating TLS + handling high number of concurrent connections.

I am running teleport 4.1.1

I was playing with the config file and just couldn’t get it right. When I get home I can post what I have here to show you. Do you know which items I need in that file to get it to work with https?

I am hosting a website on the Apache server that I would like to be able access with the domain name as normal but then if I use domain.com:3380 I would like it to connect to the node.

I suppose I could run my website from a different server and just run teleport on its own machine.

You should theoretically be able to use Apache as a reverse proxy for access to the Teleport web UI if this is what you want, but I’ve never tried to set this up. You’d likely need to use a subdomain (something like teleport.fqdn.com) though because Teleport doesn’t support changing the base path used by the UI. You would also need to make sure that websockets are supported as Abdu says.

It’s been a while since I’ve done anything with Apache (because Caddy is way easier to set up and use) but if you post your Apache and Teleport config files I can try to assist.

If you literally just want fqdn.com:3080 to point to Teleport, that should be way easier to achieve.