Difference between revisions of "FAQ:Self Service Redirect to HTTPS"
Jump to navigation
Jump to search
| Line 14: | Line 14: | ||
You will need to edit the file in ..\Hornbill\Core Services\Apache\conf\cs\core\501_vhosts.conf. | You will need to edit the file in ..\Hornbill\Core Services\Apache\conf\cs\core\501_vhosts.conf. | ||
| − | + | This is the default 501_vhosts file: | |
<pre> | <pre> | ||
| − | <VirtualHost _default_: | + | |
| − | + | <VirtualHost _default_:443> | |
| − | + | SSLEngine on | |
| − | RewriteRule | + | SSLProtocol all -SSLv2 -SSLv3 |
| − | Include "conf/cs/apps/*.conf" | + | SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH |
| + | SSLHonorCipherOrder On | ||
| + | SSLCertificateFile "conf/cs/ssl/server.crt" | ||
| + | SSLCertificateKeyFile "conf/cs/ssl/server.key" | ||
| + | <FilesMatch "\.(cgi|shtml|phtml|php|phar)$"> | ||
| + | SSLOptions +StdEnvVars | ||
| + | </FilesMatch> | ||
| + | |||
| + | BrowserMatch ".*MSIE.*" ssl-unclean-shutdown | ||
| + | |||
| + | CustomLog "logs/ssl_request.log" \ | ||
| + | "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" | ||
| + | |||
| + | #RewriteEngine on | ||
| + | ## Only allow access from non-routable IP addresses. | ||
| + | #RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\. | ||
| + | #RewriteRule .* - [F] | ||
| + | |||
| + | Include "conf/cs/apps/*.conf" | ||
</VirtualHost> | </VirtualHost> | ||
</pre> | </pre> | ||
| − | + | Change it to the following: | |
<pre> | <pre> | ||
| − | <VirtualHost _default_: | + | |
| − | + | <VirtualHost _default_:443> | |
| − | + | SSLEngine on | |
| − | + | SSLProtocol all -SSLv2 -SSLv3 | |
| − | + | SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH | |
| − | Include "conf/cs/apps/*.conf" | + | SSLHonorCipherOrder On |
| + | SSLCertificateFile "conf/cs/ssl/NEWCERTIFICATE.crt" | ||
| + | SSLCertificateKeyFile "conf/cs/ssl/NEWKEY.key" | ||
| + | <FilesMatch "\.(cgi|shtml|phtml|php|phar)$"> | ||
| + | SSLOptions +StdEnvVars | ||
| + | </FilesMatch> | ||
| + | |||
| + | BrowserMatch ".*MSIE.*" ssl-unclean-shutdown | ||
| + | |||
| + | CustomLog "logs/ssl_request.log" \ | ||
| + | "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" | ||
| + | |||
| + | #RewriteEngine on | ||
| + | ## Only allow access from non-routable IP addresses. | ||
| + | #RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\. | ||
| + | #RewriteRule .* - [F] | ||
| + | |||
| + | Include "conf/cs/apps/*.conf" | ||
</VirtualHost> | </VirtualHost> | ||
</pre> | </pre> | ||
Revision as of 09:53, 26 June 2018
| Status: | Published |
|---|---|
| Version: | 1.0 |
| Authors: | Hornbill Support |
| Applies to: | Supportworks ITSM 4.x |
If you prefer you could re-direct http to https for Self service. This could also be applied to the web client. You will need to edit the file in ..\Hornbill\Core Services\Apache\conf\cs\core\501_vhosts.conf.
This is the default 501_vhosts file:
<VirtualHost _default_:443>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH
SSLHonorCipherOrder On
SSLCertificateFile "conf/cs/ssl/server.crt"
SSLCertificateKeyFile "conf/cs/ssl/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php|phar)$">
SSLOptions +StdEnvVars
</FilesMatch>
BrowserMatch ".*MSIE.*" ssl-unclean-shutdown
CustomLog "logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
#RewriteEngine on
## Only allow access from non-routable IP addresses.
#RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\.
#RewriteRule .* - [F]
Include "conf/cs/apps/*.conf"
</VirtualHost>
Change it to the following:
<VirtualHost _default_:443>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH
SSLHonorCipherOrder On
SSLCertificateFile "conf/cs/ssl/NEWCERTIFICATE.crt"
SSLCertificateKeyFile "conf/cs/ssl/NEWKEY.key"
<FilesMatch "\.(cgi|shtml|phtml|php|phar)$">
SSLOptions +StdEnvVars
</FilesMatch>
BrowserMatch ".*MSIE.*" ssl-unclean-shutdown
CustomLog "logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
#RewriteEngine on
## Only allow access from non-routable IP addresses.
#RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\.
#RewriteRule .* - [F]
Include "conf/cs/apps/*.conf"
</VirtualHost>