Self Service Redirect to HTTPS

From support-works
Revision as of 09:57, 26 June 2018 by Pamelal (talk | contribs)
Jump to navigation Jump to search



Status: Published
Version: 1.0
Authors: Hornbill Support
Applies to: Supportworks ITSM 4.x

If you prefer you could re-direct http to https for Self service. This could also be applied to the web client.

1. The first thing to do is contact a company that issues certificates such as Verisign for example and purchase a certificate (and key) from them. Thereafter put the certificate and key in the \Hornbill\Core Services\Apache\conf\cs\ssl\ directory

2. You will then need to edit the file in ..\Hornbill\Core Services\Apache\conf\cs\core\501_vhosts.conf.

This is the default 501_vhosts file:

<VirtualHost _default_:443>
    SSLEngine on
	SSLProtocol all -SSLv2 -SSLv3  
	SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH
	SSLHonorCipherOrder On
    SSLCertificateFile "conf/cs/ssl/server.crt"
    SSLCertificateKeyFile "conf/cs/ssl/server.key"
    <FilesMatch "\.(cgi|shtml|phtml|php|phar)$">
        SSLOptions +StdEnvVars
    </FilesMatch>

    BrowserMatch ".*MSIE.*" ssl-unclean-shutdown

    CustomLog "logs/ssl_request.log" \
              "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    #RewriteEngine on
    ## Only allow access from non-routable IP addresses.
    #RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\.
    #RewriteRule .* - [F] 

    Include "conf/cs/apps/*.conf"
</VirtualHost>

Change it to the following:

<VirtualHost _default_:443>
    SSLEngine on
	SSLProtocol all -SSLv2 -SSLv3  
	SSLCipherSuite !RC4-SHA:HIGH:!ADH:!AECDH
	SSLHonorCipherOrder On
    SSLCertificateFile "conf/cs/ssl/NEWCERTIFICATE.crt"
    SSLCertificateKeyFile "conf/cs/ssl/NEWKEY.key"
    <FilesMatch "\.(cgi|shtml|phtml|php|phar)$">
        SSLOptions +StdEnvVars
    </FilesMatch>

    BrowserMatch ".*MSIE.*" ssl-unclean-shutdown

    CustomLog "logs/ssl_request.log" \
              "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    #RewriteEngine on
    ## Only allow access from non-routable IP addresses.
    #RewriteCond %{REMOTE_ADDR} !^(127|10|192\.168|172\.(1[6-9]|2[0-9]|3[0-1]))\.
    #RewriteRule .* - [F] 

    Include "conf/cs/apps/*.conf"
</VirtualHost>


3. Thereafter access the _ssp_config.json file in \Hhornbill\Supportworks server\html\_selfservice\ directory and edit the _ssp_config.json file

"serverAddress" : http://<supportworks server>/sw/selfservice/

to

"serverAddress" : https://<supportworks server>/sw/selfservice/

That should enable you to use Https without having to view the security warning page.