Secure App Access

From Amahi Wiki
Revision as of 03:09, 9 August 2011 by Bigfoot65 (talk | contribs)
Jump to: navigation, search
Warning.png WARNING
This is recommended only for advanced users, proceed with caution.


This is an example of how to force an app access via https. For this example, AjaXplorer will be used but this will work with any app.

  • Go to you config file for apache, cd /etc/httpd/conf/
  • Now it is time to create a key and a crt. openssl genrsa -out filename.key 1024 then openssl req -new -key filename.key -x509 -days 1000 -out filename.crt It will ask you a few questions, just make sure that the Common Name is the domain name.
  • Next open up httpd.conf with you favorite editor and add NameVirtualHost *:443 somewhere in the conf file
  • Open terminal and do yum -y install mod_ssl which is needed by apache to make this work.
  • Now go to cd /etc/httpd/conf.d/ and find the file that has ajaxplorer in its name. You can type ls to list the files. And open it up with a text editor
  • Edit it to like this:
    <VirtualHost *:443>
        ServerName ajaxplorer
        ServerAlias username.yourhda.com
        SSLEngine On
        SSLCertificateFile /etc/httpd/conf/filename.crt
        SSLCertificateKeyFile /etc/httpd/conf/filename.key

        DocumentRoot /var/hda/web-apps/ajaxplorer/html

        <Directory "/var/hda/web-apps/ajaxplorer/html">
                Options Indexes FollowSymLinks +ExecCGI
                AddHandler fcgid-script .fcg
                AllowOverride AuthConfig
                Order allow,deny
                Allow from all
        </Directory>

    </VirtualHost>
 
  • Finaly create a file called 1026-ajaxplorerhttp.conf (note that the number may change for you) and put in this (also change things like the website name and etc):
    <VirtualHost *:80>
        ServerName username.yourhda.com
        RewriteEngine On
        RewriteCond  %{SERVER_PORT} !^443$
        RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

        ExpiresDefault "access plus 10 years"

        AddOutputFilterByType DEFLATE text/html text/plain text/xml

    </VirtualHost>

And that's all, you now have 128 bit encryption for ajaxplorer.

See also

Access HDA over SSL