[rt-users] RT SSL implementation
Nelson Pereira
npereira at protus.com
Tue Apr 15 14:06:36 EDT 2008
Ok, so I got to read up a bit.
The PEM files are the .key and .crt when generating self signed ssl
certs and keys... ok I get that...
What I did is I put in the lines bellow in the
/etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
Also changed the RT_SiteConfig.pm for the line bellow:
Set($WebBaseURL , "http://10.98.5.253:$WebPort");
is now :
Set($WebBaseURL , "https://10.98.5.253");
Restarted the server and no errors, see the logs:
[Tue Apr 15 14:09:13 2008] [notice] caught SIGTERM, shutting down
[Tue Apr 15 14:09:16 2008] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Tue Apr 15 14:09:18 2008] [notice] Digest: generating secret for digest
authentication ...
[Tue Apr 15 14:09:18 2008] [notice] Digest: done
[Tue Apr 15 14:09:18 2008] [notice] mod_python: Creating 4 session
mutexes based on 256 max processes and 0 max threads.
[Tue Apr 15 14:09:18 2008] [notice] Apache/2.2.3 (Red Hat) configured --
resuming normal operations
Yet, when going to https://10.98.5.253 I still get a page cannot be
displayed and the httpd error log states:
[Tue Apr 15 14:10:30 2008] [error] [client 10.98.5.250] Invalid method
in request \x16\x03\x01
What am I missing?
Regards,
Nelson Pereira
-----Original Message-----
From: Drew Barnes [mailto:barnesaw at ucrwcu.rwc.uc.edu]
Sent: Tuesday, April 15, 2008 12:47 PM
To: Nelson Pereira
Cc: Jeffrey Lee; rt-users at lists.bestpractical.com
Subject: Re: [rt-users] RT SSL implementation
SSL-specific portions from my rt.conf in /etc/httpd/conf.d/ :
ServerAdmin root
SSLEngine On
SSLCertificateFile /etc/httpd/conf/ssl.crt/cert.pem
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/certkey.pem
I didn't have to add anything else for it to work. You may look into
redirecting anything that goes to port 80, but that isn't necessary.
And from RT_SiteConfig.pm :
Set($WebBaseURL , "https://server.domain");
Nelson Pereira wrote:
>
> Jeff,
>
>
>
> Can you point me to an article on how to setup RT for SSL (https://)?
>
> I've been trying to set this up for 2 days now, and can't seem to get
> it going.
>
> I took the HTTPD.conf lines to SSL.conf but that did not help.
>
>
>
> Let me know, I would be interested in looking at your RT_SiteConfig.pm
> as well as your ssl.conf and httpd.conf
>
>
>
> Thanks
>
>
>
>
>
> Regards,
>
>
>
> Nelson Pereira
>
>
------------------------------------------------------------------------
>
> *From:* rt-users-bounces at lists.bestpractical.com
> [mailto:rt-users-bounces at lists.bestpractical.com] *On Behalf Of
> *Jeffrey Lee
> *Sent:* Friday, April 11, 2008 2:08 PM
> *To:* rt-users at lists.bestpractical.com
> *Subject:* [rt-users] RT SSL implementation
>
>
>
> Hi guys,
>
>
>
> I've implemented SSL on my RT box, but for some reason anytime I
> update or create a new ticket, Rt tries to redirect the browser to
> http:// (my server name):443/ how do I change the redirect after
> the creation or updating of a ticket?
>
>
>
> -Jeff
>
>
------------------------------------------------------------------------
>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales at bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
More information about the rt-users
mailing list