Changes for page Development-SSL requests via https protocol
Last modified by Aaron Rosenzweig on 2012/03/19 19:33
From version 52.1
edited by Kieran Kelleher
on 2008/07/22 15:44
on 2008/07/22 15:44
Change comment:
There is no comment for this version
To version 55.1
edited by Paul Hoadley
on 2012/03/19 19:33
on 2012/03/19 19:33
Change comment:
Deleted references that return a 404.
Summary
-
Page properties (3 modified, 0 added, 0 removed)
Details
- Page properties
-
- Title
-
... ... @@ -1,1 +1,1 @@ 1 - Web Applications-Development-SSL requests via https protocol1 +Development-SSL requests via https protocol - Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. kieran1 +XWiki.paulh - Content
-
... ... @@ -18,10 +18,8 @@ 18 18 === References === 19 19 20 20 * [[http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#selfcert]] 21 -* [[http://homepage.mac.com/kelleherk/iblog/C463983418/E683365024/index.html]] 22 22 * [[http://www.macosxhints.com/article.php?story=20080628074917113]] 23 23 * [[http://www.macosxhints.com/article.php?story=20041129143420344]] 24 -* [[http://developer.apple.com/internet/serverside/modssl.html]] 25 25 26 26 == Development via Apache Webserver == 27 27 ... ... @@ -119,6 +119,22 @@ 119 119 120 120 {{/noformat}} 121 121 120 +~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~- 121 + 122 +JEFF SCHMITZ 123 + 124 +Right at this point I got the error: 125 + 126 +ulimit: open files: cannot modify limit: Invalid arg 127 + 128 +After a quick google search I found this which seems to have fixed the error: 129 + 130 +[[http://www.perkiset.org/forum/all_things_apple/apache_osx_and_ulimit_a_little_chunk_of_weirdness-t909.0.html]] 131 + 132 +Also, for my [[https://]]... links my rewrite rules in apache weren't getting fired. To get them to work I had to add them to the httpd-ssl.conf file just below the General setup stuff shown in the figure above. I just copied them from my httpd.conf file and pasted them in. Not sure if this is the best way to handle it, but it's working for me on my development machine at least. 133 + 134 +~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~- 135 + 122 122 Finally, verify that https is working: 123 123 124 124 {{panel title="Verify https://localhost is working"}} ... ... @@ -153,3 +153,37 @@ 153 153 log.debug( "secure mode set to " + secureMode ); 154 154 155 155 {{/code}} 170 + 171 +== Using SSL in DirectConnect == 172 + 173 +Mike Schrag said in early 2011 that it was possible to use SSL in DirectConnect, that is was simply hidden. A property was added to enable it, and instructions added to the Properties file of ERExtensions. This is the part from the Properties file: 174 + 175 +{{code}} 176 + 177 + 178 +## You should probably not enable any of these settings in a normal Apache webserver deployment, 179 +## in particular the ssl port property, as this is used by ERX to generate https URLs, which must 180 +## match your Apache config. 181 +## 182 +## To enable SSL support with DirectConnect, you must do the following: 183 +## 184 +## * In your Resources folder, run "keytool -genkey -alias WebObjects -keyalg RSA -keystore adaptorssl.key". Select a 185 +## password for your keystore (i.e. "changeit"), and set the "your first name and last name" field to match the hostname 186 +## that you will be running your directconnect app off of. 187 +## * In your Resources folder, create an executable script (it MUST BE EXECUTABLE) named "adaptorsslpassphrase" with the 188 +## contents: 189 +## echo changeit 190 +## where you should replace "changeit" for whatever password you selected in the previous step. 191 +## * Set the following property to true 192 +#er.extensions.ERXApplication.ssl.enabled=true 193 + 194 +## (optional) To specify an SSL host name other than what is returned from a call to 195 +## application.host(), you can override it below 196 +#er.extensions.ERXApplication.ssl.host=localhost 197 + 198 +## (optional) To select an SSL port other than 443, uncomment the following. If you are already running Apache with SSL, 199 +## you probably want to set this. If the port number is 0, the SSL port will be automatically assigned (using the same 200 +## mechanism that WO uses to set the regular port) 201 +#er.extensions.ERXApplication.ssl.port=0 202 + 203 +{{/code}}