YaST-Webservice-Client
========================
After you have installed the package you can start the nginx server with the
command line:

rcyastwc start


You can connect to the local server which can be started with the command:

rcyastws start

(packages webyast-*-ws)


HTTPS Protocol and SSL Certificates
=====================================

   An SSL certificate is needed to encrypt the connection between the users
   browser and the YaST2 Webclient. This SSL certificate is created
   automatically on the first &wyservice; startup (if it does not already
   exist).

   You may want to use your own certificate or a certificate signed by your
   company. If the certificate files already exist, they are not changed in
   any way. Custom certificates can be either placed manually, or can be
   put into the appliance when it is created (with SUSE Studio, SUSE Studio
   Onsite or Kiwi).
   The certificate files are located in the 
     /etc/lighttpd/certs/
   directory. The name of the certificate file is 
     webyast.pem .
   The name of the certificate's key file is 
     webyast.key .

   The file permissions should be set to 0600 for the webyast.key
   file. For the webyast.pem file, the permissions should be set to
   0644. The user and user group for both of these files should be set to 
   nginx.

   To change the certificate, you can either place your own certificate
   files in the /etc/lighttpd/certs/ directory, or configure WebYaST to use 
   a different certificate directory.

   To configure a different certificate directory, edit the ssl_certificate
   and ssl_certificate_key options in the /etc/yastwc/nginx.conf configuration
   file and restart the WebYaST server with the 
     rcyastwc restart
   command.



APPENDIX:

Generating a SSL certification
--------------------------------

If you’re creating your own SSL certification you can use following
command:

openssl req -new -x509 -keyout host.pem -out host.pem -days 365 -nodes

Split this file (host.pem) into a *.key and .pem file.
