Secure App Access

From Amahi Wiki
Revision as of 14:06, 7 December 2010 by Bigfoot65 (talk | contribs)
Jump to: navigation, search

This is an example of how to force an app access via https. For this example, AjaXplorer will be used but this will work with any app.

  • Go to you config file for apache, cd /etc/httpd/conf/
  • Now it is time to create a key and a crt. openssl genrsa -out filename.key 1024 then openssl req -new -key filename.key -x509 -days 1000 -out filename.crt It will ask you a few questions, just make sure that the Common Name is the domain name.
  • Next open up httpd.conf with you favorite editor and add NameVirtualHost *:443 somewhere in the conf file
  • Open terminal and do yum -y install mod_ssl which is needed by apache to make this work.
  • Now go to cd /etc/httpd/conf.d/ and find the file that has ajaxplorer in its name. You can type ls to list the files. And open it up with a text editor
  • Edit it to like this:
    <VirtualHost *:443>
        ServerName ajaxplorer
        ServerAlias username.yourhda.com
        SSLEngine On
        SSLCertificateFile /etc/httpd/conf/filename.crt
        SSLCertificateKeyFile /etc/httpd/conf/filename.key

        DocumentRoot /var/hda/web-apps/ajaxplorer/html

        <Directory "/var/hda/web-apps/ajaxplorer/html">
                Options Indexes FollowSymLinks +ExecCGI
                AddHandler fcgid-script .fcg
                AllowOverride AuthConfig
                Order allow,deny
                Allow from all
        </Directory>

    </VirtualHost>
 
  • Finaly create a file called 1026-ajaxplorerhttp.conf (note that the number may change for you) and put in this (also change things like the website name and etc):
    <VirtualHost *:80>
        ServerName username.yourhda.com
        RewriteEngine On
        RewriteCond  %{SERVER_PORT} !^443$
        RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

        ExpiresDefault "access plus 10 years"

        AddOutputFilterByType DEFLATE text/html text/plain text/xml

    </VirtualHost>

And that's all, you now have 128 bit encryption for ajaxplorer.