Difference between revisions of "Secure App Access"
From Amahi Wiki
(Created page with 'This is an example of how to force an app access via https. For this example, AjaXplorer will be used but this will work with any app. * Go to you config file for apache, '''cd…') |
(No difference)
|
Revision as of 22:23, 12 October 2009
This is an example of how to force an app access via https. For this example, AjaXplorer will be used but this will work with any app.
- Go to you config file for apache, cd /etc/httpd/conf/
- Now it is time to create a key and a crt. openssl genrsa -out filename.key 1024 then openssl req -new -key filename.key -x509 -days 1000 -out filename.crt It will ask you a few questions, just make sure that the Comman Name is the domain name.
- Next open up httpd.conf with you favorite editor and add NameVirtualHost *:443 somewhere in the conf file
- Open terminal and do yum -y install mod_ssl which is needed by apache to make this work.
- Now go to cd /etc/httpd/conf.d/ and find the file that has ajaxplorer in its name. You can type ls to list the files. And open it up with a text editor
- Edit it to like this:
<VirtualHost *:443> ServerName ajaxplorer ServerAlias username.yourhda.com SSLEngine On SSLCertificateFile /etc/httpd/conf/filename.crt SSLCertificateKeyFile /etc/httpd/conf/filename.key DocumentRoot /var/hda/web-apps/ajaxplorer/html <Directory "/var/hda/web-apps/ajaxplorer/html"> Options Indexes FollowSymLinks +ExecCGI AddHandler fcgid-script .fcg AllowOverride AuthConfig Order allow,deny Allow from all </Directory> </VirtualHost>
- Finaly create a file called 1026-ajaxplorerhttp.conf (note that the number may change for you) and put in this (also change things like the website name and etc):
<VirtualHost *:80> ServerName username.yourhda.com RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] ExpiresDefault "access plus 10 years" AddOutputFilterByType DEFLATE text/html text/plain text/xml </VirtualHost>
And that's all, you now have 128 bit encryption for ajaxplorer.