Secure App Access

From Amahi Wiki
Revision as of 01:35, 2 September 2011 by Bigfoot65 (talk | contribs)
Jump to: navigation, search
Warning.png WARNING
This is recommended only for advanced users, proceed with caution.


This is an example of how to force web app access via HTTPS. For this example, AjaXplorer will be used but this will work with any web app.

  • Go to your config file for apache:
bash code
​cd /etc/httpd/conf​
  • Now it is time to create a key and a crt. It will ask you a few questions, just make sure that the Common Name is the domain name:
bash code
​openssl genrsa -out filename.key 1024 openssl req -new -key filename.key -x509 -days 1000 -out filename.crt​
  • Next open up /etc/httpd/conf/httpd.conf with you favorite editor and add the following to the end (skip if you implemented Access HDA over SSL):
Text
​NameVirtualHost *:443​
bash code
​yum -y install mod_ssl​
  • Find the file that has ajaxplorer in its name (i.e. 1026-ajaxplorer.conf):
bash code
​cd /etc/httpd/conf.d/​
  • Edit it to like this (change username.yourhda.com):
Text
​<VirtualHost *:443> ServerName ajaxplorer ServerAlias username.yourhda.com SSLEngine On SSLCertificateFile /etc/httpd/conf/filename.crt SSLCertificateKeyFile /etc/httpd/conf/filename.key DocumentRoot /var/hda/web-apps/ajaxplorer/html <Directory "/var/hda/web-apps/ajaxplorer/html"> Options Indexes FollowSymLinks +ExecCGI AddHandler fcgid-script .fcg AllowOverride AuthConfig Order allow,deny Allow from all </Directory> </VirtualHost>​
  • Finally create a file called 1026-ajaxplorerhttp.conf (number may be different for you) and add this code (change username.hda.com):
Text
​<VirtualHost *:80> ServerName ajaxplorer ServerAlias username.yourhda.com RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] ExpiresDefault "access plus 10 years" AddOutputFilterByType DEFLATE text/html text/plain text/xml </VirtualHost>​
  • Now you need to restart apache:
bash code
​service httpd restart​
  • And that's all, you now have 128 bit encryption for AjaXplorer. Note that when you uninstall the app, you will need to manually remove the 1026-ajaxplorerhttp.conf file you created.

See also

Access HDA over SSL

Retrieved from "https://wiki.amahi.org/index.php?title=Secure_App_Access&oldid=46309"