Difference between revisions of "FAQ:Self Service Redirect to HTTPS"

From support-works
Jump to navigation Jump to search
 
(2 intermediate revisions by the same user not shown)
Line 11: Line 11:
 
}}
 
}}
  
If you prefer you could re-direct http to https for Self service. This could also be applied to the web client.
+
If you prefer you could re-direct http to https for Self service. This could also be applied to the web client.  
You will need to edit the file in ..\Hornbill\Core Services\Apache\conf\cs\core\501_vhosts.conf.
+
 
 +
1. The first thing to do is contact a company that issues certificates such as Verisign for example and purchase a certificate (and key) from them. Thereafter put the certificate and key in the \Hornbill\Core Services\Apache\conf\cs\ssl\ directory
 +
 
 +
2. You will then need to edit the file in ..\Hornbill\Core Services\Apache\conf\cs\core\501_vhosts.conf.
  
 
This is the default 501_vhosts file:
 
This is the default 501_vhosts file:
Line 20: Line 23:
 
<VirtualHost _default_:443>
 
<VirtualHost _default_:443>
 
     SSLEngine on
 
     SSLEngine on
SSLProtocol all -SSLv2 -SSLv3 
+
...
SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH
+
 
SSLHonorCipherOrder On
 
 
     SSLCertificateFile "conf/cs/ssl/server.crt"
 
     SSLCertificateFile "conf/cs/ssl/server.crt"
 
     SSLCertificateKeyFile "conf/cs/ssl/server.key"
 
     SSLCertificateKeyFile "conf/cs/ssl/server.key"
    <FilesMatch "\.(cgi|shtml|phtml|php|phar)$">
+
  ...
        SSLOptions +StdEnvVars
 
    </FilesMatch>
 
  
    BrowserMatch ".*MSIE.*" ssl-unclean-shutdown
 
 
    CustomLog "logs/ssl_request.log" \
 
              "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 
 
    #RewriteEngine on
 
    ## Only allow access from non-routable IP addresses.
 
    #RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\.
 
    #RewriteRule .* - [F]
 
 
    Include "conf/cs/apps/*.conf"
 
 
</VirtualHost>
 
</VirtualHost>
 
</pre>
 
</pre>
Line 48: Line 37:
  
 
<VirtualHost _default_:443>
 
<VirtualHost _default_:443>
    SSLEngine on
+
  ...
SSLProtocol all -SSLv2 -SSLv3 
+
 
SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH
 
SSLHonorCipherOrder On
 
 
     SSLCertificateFile "conf/cs/ssl/NEWCERTIFICATE.crt"
 
     SSLCertificateFile "conf/cs/ssl/NEWCERTIFICATE.crt"
 
     SSLCertificateKeyFile "conf/cs/ssl/NEWKEY.key"
 
     SSLCertificateKeyFile "conf/cs/ssl/NEWKEY.key"
    <FilesMatch "\.(cgi|shtml|phtml|php|phar)$">
+
  ...
        SSLOptions +StdEnvVars
+
 
    </FilesMatch>
+
</VirtualHost>
 +
</pre>
  
    BrowserMatch ".*MSIE.*" ssl-unclean-shutdown
 
  
    CustomLog "logs/ssl_request.log" \
+
3. Restart the Apache service so that the above changes take effect.
              "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 
  
    #RewriteEngine on
+
4. Thereafter access the _ssp_config.json file in \Hhornbill\Supportworks server\html\_selfservice\ directory and edit the _ssp_config.json file
    ## Only allow access from non-routable IP addresses.
 
    #RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\.
 
    #RewriteRule .* - [F]
 
  
    Include "conf/cs/apps/*.conf"
+
<pre>
</VirtualHost>
+
"serverAddress" : http://<supportworks server>/sw/selfservice/
 +
</pre>
 +
 
 +
TO
 +
 
 +
<pre>
 +
"serverAddress" : https://<supportworks server>/sw/selfservice/
 
</pre>
 
</pre>
 +
 +
That should enable you to use Https without having to view the security warning page.

Latest revision as of 10:04, 26 June 2018



Status: Published
Version: 1.0
Authors: Hornbill Support
Applies to: Supportworks ITSM 4.x

If you prefer you could re-direct http to https for Self service. This could also be applied to the web client.

1. The first thing to do is contact a company that issues certificates such as Verisign for example and purchase a certificate (and key) from them. Thereafter put the certificate and key in the \Hornbill\Core Services\Apache\conf\cs\ssl\ directory

2. You will then need to edit the file in ..\Hornbill\Core Services\Apache\conf\cs\core\501_vhosts.conf.

This is the default 501_vhosts file:

<VirtualHost _default_:443>
    SSLEngine on
	...

    SSLCertificateFile "conf/cs/ssl/server.crt"
    SSLCertificateKeyFile "conf/cs/ssl/server.key"
   ...

</VirtualHost>

Change it to the following:

<VirtualHost _default_:443>
   ...

    SSLCertificateFile "conf/cs/ssl/NEWCERTIFICATE.crt"
    SSLCertificateKeyFile "conf/cs/ssl/NEWKEY.key"
   ...

</VirtualHost>


3. Restart the Apache service so that the above changes take effect.

4. Thereafter access the _ssp_config.json file in \Hhornbill\Supportworks server\html\_selfservice\ directory and edit the _ssp_config.json file

"serverAddress" : http://<supportworks server>/sw/selfservice/

TO

"serverAddress" : https://<supportworks server>/sw/selfservice/

That should enable you to use Https without having to view the security warning page.