Security

Securing a Mango installation involves encrypting network traffic with SSL/TLS, integrating with enterprise identity providers, and optionally deploying behind a reverse proxy for additional protection. This section covers all of these topics.

• Generate an SSL Keystore -- Creating a Java keystore from commercial SSL certificates for enabling HTTPS on Mango.
• SSL with Certbot -- Automating free SSL certificate issuance and renewal using Let's Encrypt and Certbot.
• LDAP Configuration -- Integrating Mango authentication with an LDAP or Active Directory server.
• OAuth 2.0 / OpenID Connect Setup -- Configuring single sign-on (SSO) with Google, Microsoft Azure AD, or other OpenID Connect providers.
• Reverse Proxy Configuration -- Deploying Mango behind an Apache reverse proxy with SSL termination and WebSocket support.