Instant Infrastructure
Want to enable https for projectpierSubmitted by lkirkbride on Tue, 04/15/2008 - 8:31am.I am again very new to all of this....I am much more familiar with IIS and Windows (don't hold it against me). I want to enable SSL for the entire Projectpier site. I just need to know the process to enable this. Thanks Lucas |
Search |
Want to enable https for projectpier
Again, you will need shell access to do this so this will only work if you have registered your JumpBox and enabled shell access.
If you SSH in and edit the file /etc/apache2/sites-enabled/000-default as root:
remove the following lines:
RewriteEngine On RewriteRule ^/(.*) http://%{SERVER_ADDR}/$1 [L,R]from the "VirtualHost *:443" block at the end and paste the content of the "VirtualHost *" block in its place and restart apache:
You should then be able to access the application over SSL.
BTW, we have added this as a feature in our newer beta platform so you don't have to monkey around like this. Our old apps will eventually be moved onto this plaftorm, but we don't have a published timescale.
Austin
Want to enable https for projectpier
OK this did not work so well.
I did as you suggested and removed the lines and I cut and paste the content from the VirtualHost block into its place. All of the content.
That left the "VirtualHost *" block empty and the "VirutalHost *:443" block with all the info.
I then restarted apache and got the following errors
* Forcing reload of apache 2.0 web server... apache2: Could not determine the server's fully qualified domain name, using "PRIVATE IP" for ServerName
apache2: Could not determine the server's fully qualified domain name, using "PRIVATE IP" for ServerName
[ ok ]
Please help I don't think Apache restarted and now I have no pages.
Thanks
Lucas
Want to enable https for projectpier
Well, the "-B" in the nano command should have created a backup. You can revert to that and restart apache:
sudo mv /etc/apache2/sites-enabled/000-default~ /etc/apache2/sites-enabled/000-default
sudo /etc/init.d/apache2 restart
But are you sure its not running? Those are just warnings.
And actually, I didn't mean MOVE that block, I just meant COPY it and restart. This would allow access over both http and https.
Austin
Want to enable https for projectpier
I reverted back to the backup of the 000-default file and all is working now. I understand that you didn't mean for me to MOVE it just to COPY it, however I only want projectpier to work with https. I won't have control over how some of the users interact with the website and I want to force them to use https everytime. My users aren't very tech savy and would not understand that if they didn't enter in the https address they wouldn't be encrypted. I figured that if I moved the lines rather than copy them I would actually not allow the site to work over http. I haven't tried to see if it will work by just COPYING the text so I will do that first. Ultimately I would like to force the use of only https.
Thanks
Lucas
Want to enable https for projectpier
In that case, in the "VirtualHost *" get rid of the block:
Include /jumpbox/etc/apache2/jumpbox-app Include /jumpbox/etc/apache2/jumpbox-widget Include /jumpbox/etc/apache2/jumpbox-proxy Alias /jbimages /jumpbox/application_portal/public/images <Directory /jumpbox/application_portal/public/images> AllowOverride None Order allow,deny allow from all </Directory>and replace it with:
RewriteEngine On RewriteRule ^/(.*) https://%{SERVER_ADDR}/$1 [L,R]I think thats it, I haven't tried it. Just make sure you save a copy of the file to revert back to and test to see that its working right for ya. Also be warned that different browsers cache these redirects differently so even though you have made a change it may not quite be reflected immediately. So you sometimes have to do a force refresh of the page.
Let us know how it goes.
Austin
Want to enable https for projectpier
OK so that did work with one revision...I had to replace %{SERVER_ADDR} with my desired URL or it refered back to the private IP again.
Now however I have another issue. You can start a new thread if you like however I thought I would include it as a point of referance due to the fact that the above changes caused the new behavior.
I now am experiencing the loop back issue with the login screen and checking the "Remember Me" box does not help. Before when I was just using http I could check the box and the loop back issue would not occur. A pain yes but still a work around. Now I don't even have that. Is there a way to fix this behavior. I hadn't seen anything outside of the "Remember Me" work around to fix this.
Thanks
Lucas
Want to enable https for projectpier
OK I fixed my issue. I got to thinking about what all we had been doing and realized that in my first forum thread regarding the Private IP issue we had changed the Variable to http://"My URL"....so I went back to the config file and changed it to https://"My URL" now I am able to check the "Remember Me" box and get into the application. So I am good to go now.
Thanks
Lucas Kirkbride