No SSL Support in Mendix

4
Hi Why doesn't Mendix support SSL out of the box? The suggested solution to add a reverse proxy for SSL seems to me as a significant increase of the system requirement. For large production environment this could be fine solution but for small environments and testing this is a little over the top. Does Mendix plan to add this in the near future? Kind Regards Maurice Vercouteren
asked
1 answers
6

Long answer: That's a good question. It basically boils down to: use the right tool for the job. The Business Server is an application server. Application servers are good at handling your application's logic, not so good at serving files or handling encryption.

Reverse proxies like Nginx and Apache are built especially for those purposes and are much more efficient at executing the tasks. Adding the same functionality to the Business Server would mean more code to maintain, more bugs, more support (people will want to know why HTTPS is so slow in Java, while Nginx can do it so fast). It's just not a good idea.

So why did we include a file handler but not SSL? The file handler is essential for your testing/development environment. SSL is not.

Besides that, the file handler is not designed to work on your acceptance/production environment (slow, no caching, easy to do DoS, ie. none of the functions you'd expect from a file server). There you should set up Nginx to handle requests to /file.

Short answer: It is indeed a good idea to have SSL and it is indeed overkill to set up nginx manually for testing. That's why we automated it in the Mendix Cloud, where all environments are HTTPS enabled (through nginx of course). You can get a trial account with 30-day Cloud deployment at http://mendix.com/try (sorry, that link is not https ;) )

answered