Difference between revisions of "FAQ:Self Service Redirect to HTTPS"
Jump to navigation
Jump to search
Line 14: | Line 14: | ||
You will need to edit the file in ..\Hornbill\Core Services\Apache\conf\cs\core\501_vhosts.conf. | You will need to edit the file in ..\Hornbill\Core Services\Apache\conf\cs\core\501_vhosts.conf. | ||
− | + | This is the default 501_vhosts file: | |
<pre> | <pre> | ||
− | <VirtualHost _default_: | + | |
− | + | <VirtualHost _default_:443> | |
− | + | SSLEngine on | |
− | RewriteRule | + | SSLProtocol all -SSLv2 -SSLv3 |
− | Include "conf/cs/apps/*.conf" | + | SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH |
+ | SSLHonorCipherOrder On | ||
+ | SSLCertificateFile "conf/cs/ssl/server.crt" | ||
+ | SSLCertificateKeyFile "conf/cs/ssl/server.key" | ||
+ | <FilesMatch "\.(cgi|shtml|phtml|php|phar)$"> | ||
+ | SSLOptions +StdEnvVars | ||
+ | </FilesMatch> | ||
+ | |||
+ | BrowserMatch ".*MSIE.*" ssl-unclean-shutdown | ||
+ | |||
+ | CustomLog "logs/ssl_request.log" \ | ||
+ | "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" | ||
+ | |||
+ | #RewriteEngine on | ||
+ | ## Only allow access from non-routable IP addresses. | ||
+ | #RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\. | ||
+ | #RewriteRule .* - [F] | ||
+ | |||
+ | Include "conf/cs/apps/*.conf" | ||
</VirtualHost> | </VirtualHost> | ||
</pre> | </pre> | ||
− | + | Change it to the following: | |
<pre> | <pre> | ||
− | <VirtualHost _default_: | + | |
− | + | <VirtualHost _default_:443> | |
− | + | SSLEngine on | |
− | + | SSLProtocol all -SSLv2 -SSLv3 | |
− | + | SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH | |
− | Include "conf/cs/apps/*.conf" | + | SSLHonorCipherOrder On |
+ | SSLCertificateFile "conf/cs/ssl/NEWCERTIFICATE.crt" | ||
+ | SSLCertificateKeyFile "conf/cs/ssl/NEWKEY.key" | ||
+ | <FilesMatch "\.(cgi|shtml|phtml|php|phar)$"> | ||
+ | SSLOptions +StdEnvVars | ||
+ | </FilesMatch> | ||
+ | |||
+ | BrowserMatch ".*MSIE.*" ssl-unclean-shutdown | ||
+ | |||
+ | CustomLog "logs/ssl_request.log" \ | ||
+ | "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" | ||
+ | |||
+ | #RewriteEngine on | ||
+ | ## Only allow access from non-routable IP addresses. | ||
+ | #RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\. | ||
+ | #RewriteRule .* - [F] | ||
+ | |||
+ | Include "conf/cs/apps/*.conf" | ||
</VirtualHost> | </VirtualHost> | ||
</pre> | </pre> |
Revision as of 09:53, 26 June 2018
Status: | Published |
---|---|
Version: | 1.0 |
Authors: | Hornbill Support |
Applies to: | Supportworks ITSM 4.x |
If you prefer you could re-direct http to https for Self service. This could also be applied to the web client. You will need to edit the file in ..\Hornbill\Core Services\Apache\conf\cs\core\501_vhosts.conf.
This is the default 501_vhosts file:
<VirtualHost _default_:443> SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH SSLHonorCipherOrder On SSLCertificateFile "conf/cs/ssl/server.crt" SSLCertificateKeyFile "conf/cs/ssl/server.key" <FilesMatch "\.(cgi|shtml|phtml|php|phar)$"> SSLOptions +StdEnvVars </FilesMatch> BrowserMatch ".*MSIE.*" ssl-unclean-shutdown CustomLog "logs/ssl_request.log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" #RewriteEngine on ## Only allow access from non-routable IP addresses. #RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\. #RewriteRule .* - [F] Include "conf/cs/apps/*.conf" </VirtualHost>
Change it to the following:
<VirtualHost _default_:443> SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH SSLHonorCipherOrder On SSLCertificateFile "conf/cs/ssl/NEWCERTIFICATE.crt" SSLCertificateKeyFile "conf/cs/ssl/NEWKEY.key" <FilesMatch "\.(cgi|shtml|phtml|php|phar)$"> SSLOptions +StdEnvVars </FilesMatch> BrowserMatch ".*MSIE.*" ssl-unclean-shutdown CustomLog "logs/ssl_request.log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" #RewriteEngine on ## Only allow access from non-routable IP addresses. #RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\. #RewriteRule .* - [F] Include "conf/cs/apps/*.conf" </VirtualHost>