Changes for page Development-SSL requests via https protocol

Summary

• Page properties (3 modified, 0 added, 0 removed)

Details

Page properties

Title

...	...	@@ -1,1 +1,1 @@
1		-Web Applications-Development-SSL requests via https protocol
	1	+Development-SSL requests via https protocol

Author

...	...	@@ -1,1 +1,1 @@
1		-XWiki.kieran
	1	+XWiki.paulh

Content

...	...	@@ -18,10 +18,8 @@
18	18	=== References ===
19	19
20	20	* [[http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#selfcert]]
21		-* [[http://homepage.mac.com/kelleherk/iblog/C463983418/E683365024/index.html]]
22	22	* [[http://www.macosxhints.com/article.php?story=20080628074917113]]
23	23	* [[http://www.macosxhints.com/article.php?story=20041129143420344]]
24		-* [[http://developer.apple.com/internet/serverside/modssl.html]]
25	25
26	26	== Development via Apache Webserver ==
27	27
...	...	@@ -119,6 +119,22 @@
119	119
120	120	{{/noformat}}
121	121
	120	+~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-
	121	+
	122	+JEFF SCHMITZ
	123	+
	124	+Right at this point I got the error:
	125	+
	126	+ulimit: open files: cannot modify limit: Invalid arg
	127	+
	128	+After a quick google search I found this which seems to have fixed the error:
	129	+
	130	+[[http://www.perkiset.org/forum/all_things_apple/apache_osx_and_ulimit_a_little_chunk_of_weirdness-t909.0.html]]
	131	+
	132	+Also, for my [[https://]]... links my rewrite rules in apache weren't getting fired.  To get them to work I had to add them to the httpd-ssl.conf file just below the General setup stuff shown in the figure above.  I just copied them from my httpd.conf file and pasted them in.  Not sure if this is the best way to handle it, but it's working for me on my development machine at least.
	133	+
	134	+~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-
	135	+
122	122	Finally, verify that https is working:
123	123
124	124	{{panel title="Verify https://localhost is working"}}
...	...	@@ -153,3 +153,37 @@
153	153	log.debug( "secure mode set to " + secureMode );
154	154
155	155	{{/code}}
	170	+
	171	+== Using SSL in DirectConnect ==
	172	+
	173	+Mike Schrag said in early 2011 that it was possible to use SSL in DirectConnect, that is was simply hidden. A property was added to enable it, and instructions added to the Properties file of ERExtensions. This is the part from the Properties file:
	174	+
	175	+{{code}}
	176	+
	177	+
	178	+## You should probably not enable any of these settings in a normal Apache webserver deployment,
	179	+## in particular the ssl port property, as this is used by ERX to generate https URLs, which must
	180	+## match your Apache config.
	181	+##
	182	+## To enable SSL support with DirectConnect, you must do the following:
	183	+##
	184	+## * In your Resources folder, run "keytool -genkey -alias WebObjects -keyalg RSA -keystore adaptorssl.key". Select a
	185	+## password for your keystore (i.e. "changeit"), and set the "your first name and last name" field to match the hostname
	186	+## that you will be running your directconnect app off of.
	187	+## * In your Resources folder, create an executable script (it MUST BE EXECUTABLE) named "adaptorsslpassphrase" with the
	188	+## contents:
	189	+## echo changeit
	190	+## where you should replace "changeit" for whatever password you selected in the previous step.
	191	+## * Set the following property to true
	192	+#er.extensions.ERXApplication.ssl.enabled=true
	193	+
	194	+## (optional) To specify an SSL host name other than what is returned from a call to
	195	+## application.host(), you can override it below
	196	+#er.extensions.ERXApplication.ssl.host=localhost
	197	+
	198	+## (optional) To select an SSL port other than 443, uncomment the following. If you are already running Apache with SSL,
	199	+## you probably want to set this. If the port number is 0, the SSL port will be automatically assigned (using the same
	200	+## mechanism that WO uses to set the regular port)
	201	+#er.extensions.ERXApplication.ssl.port=0
	202	+
	203	+{{/code}}