Difference between revisions of "Secure App Access"

From Amahi Wiki
Jump to: navigation, search
Line 18: Line 18:
 
{{Code|cd /etc/httpd/conf.d/}}   
 
{{Code|cd /etc/httpd/conf.d/}}   
 
* Edit it to like this:
 
* Edit it to like this:
{{Code|<pre>
+
{{Code|<VirtualHost *:443>
    <VirtualHost *:443>
 
 
         ServerName ajaxplorer
 
         ServerName ajaxplorer
 
         ServerAlias username.yourhda.com
 
         ServerAlias username.yourhda.com
Line 36: Line 35:
 
         </Directory>
 
         </Directory>
  
     </VirtualHost>
+
     </VirtualHost>}}
</pre>}}
 
 
*  Finaly create a file called 1026-ajaxplorerhttp.conf (note that the number may change for you) and put in this (also change things like the website name and etc):
 
*  Finaly create a file called 1026-ajaxplorerhttp.conf (note that the number may change for you) and put in this (also change things like the website name and etc):
 
{{Code|<pre>
 
{{Code|<pre>

Revision as of 03:16, 9 August 2011

Warning.png WARNING
This is recommended only for advanced users, proceed with caution.


This is an example of how to force an app access via https. For this example, AjaXplorer will be used but this will work with any app.

  • Go to your config file for apache:
bash code
​cd /etc/httpd/conf​
  • Now it is time to create a key and a crt. It will ask you a few questions, just make sure that the Common Name is the domain name:
bash code
​openssl genrsa -out filename.key 1024 openssl req -new -key filename.key -x509 -days 1000 -out filename.crt​
  • Next open up httpd.conf with you favorite editor and add the following to the end:
Text
​NameVirtualHost *:443​
  • Open terminal and do (needed by apache to make this work):
bash code
​yum -y install mod_ssl​
  • Find the file that has ajaxplorer in its name:
bash code
​cd /etc/httpd/conf.d/​
  • Edit it to like this:
bash code
​<VirtualHost *:443> ServerName ajaxplorer ServerAlias username.yourhda.com SSLEngine On SSLCertificateFile /etc/httpd/conf/filename.crt SSLCertificateKeyFile /etc/httpd/conf/filename.key DocumentRoot /var/hda/web-apps/ajaxplorer/html <Directory "/var/hda/web-apps/ajaxplorer/html"> Options Indexes FollowSymLinks +ExecCGI AddHandler fcgid-script .fcg AllowOverride AuthConfig Order allow,deny Allow from all </Directory> </VirtualHost>​
  • Finaly create a file called 1026-ajaxplorerhttp.conf (note that the number may change for you) and put in this (also change things like the website name and etc):
bash code
​'"`UNIQ--pre-00000006-QINU`"'​


  • Now you need to restart apache:
bash code
​service httpd restart​


And that's all, you now have 128 bit encryption for ajaxplorer.

See also

Access HDA over SSL