+31 (0)20-7881030 | info@networking4all.com English French

Helpdesk

Het aanmaken van een CSR voor Open-Xchange met Apache

 

Change Apache2's config

Modify Apache2-start up configuration:

# vim /etc/sysconfig/apache2

 default setting:

    APACHE_SERVER_FLAGS=""

 change to:

    APACHE_SERVER_FLAGS="-D SSL"



 add rewrite to APACHE_MODULES:

    APACHE_MODULES="access actions .... jk rewrite"

Create a SSL-certificate

Create a certificate for Apache2.

# openssl genrsa -out /etc/apache2/ssl.key/ox.key 2048

    Generating RSA private key, 2048 bit long modulus

    ++++....+++.................++++++.....++++++e is 65537 (0x10001)



 # openssl req -new -x509 -days 365 -key /etc/apache2/ssl.key/ox.key -out /etc/apache2/ssl.crt/ox.crt



    You are about to be asked to enter information that will be incorporated

    into your certificate request.

    What you are about to enter is what is called a Distinguished Name or a DN.

    There are quite a few fields but you can leave some blank

    For some fields there will be a default value,

    If you enter '.', the field will be left blank.

    -----

 Country Name (2 letter code) [AU]:DE

 State or Province Name (full name) [Some-State]: Germany, Berlin

 Locality Name (eg, city) []: Berlin

 Organization Name (eg, company) [Internet Widgits Pty Ltd]: OXTester

 Organizational Unit Name (eg, section) []:EDV-WebAdministration

 Common Name (eg, YOUR name) []: PROVIDE YOU OX MACHINE'S FULL URL HERE!

 Email Address []:webmaster[AT_noSpam]domain.tld

Create a config file for OX

Create a separate config file, e.g. '/etc/apache2/conf.d/sslox.conf' 

 <VirtualHost domain.tld:80>

    ServerAlias domain.tld

    ServerAdmin webmaster@domain.tld

    RewriteEngine on

    RewriteRule ^(.*) https://domain.tld$1

 </VirtualHost>


<VirtualHost _default_:443>

    DocumentRoot "/srv/www/htdocs"

    ServerAlias domain.tld

    ServerAdmin webmaster@domain.tld

    ErrorLog /var/log/apache2/error_log_ssl

    TransferLog /var/log/apache2/access_log_ssl

    SSLEngine on

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLCertificateFile /etc/apache2/ssl.crt/ox.crt

    SSLCertificateKeyFile /etc/apache2/ssl.key/ox.key



    <Files ~ ".(cgi|shtml|phtml|php3?)$">

       SSLOptions +StdEnvVars

    </Files>



    <Directory "/srv/www/cgi-bin">

       SSLOptions +StdEnvVars

 </Directory>



    SetEnvIf User-Agent ".*MSIE.*" 

       nokeepalive ssl-unclean-shutdown 

       downgrade-1.0 force-response-1.0

    CustomLog /var/log/apache2/ssl_request_log 

 "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b"

 </VirtualHost>

Change Apache2's config

Create the following file to simplify OX's startup to http://url instead of http://url/cgi-bin/login.pl 

# cd /srv/www/htdocs

 # vim index.html



Use the following file for an automatic redirect:



    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"

        "http://www.w3.org/TR/REC-html4/loose.dtd">

    <html lang="de">

    <head>

        <!-- Weiterleitung zur OX-Startseite-->

        <META HTTP-EQUIV="Refresh" CONTENT="0; url=/cgi-bin/login.pl">

     </head>

    </html>

SSL Certificaten

Domeinnamen

Hosting


Resellers

Networking4all

Postbus 15320
1001 MH Amsterdam
The Netherlands

T: +31 (0)20-7881030
F: +31 (0)20-7881040
E: info@networking4all.com

rss twitter

Call me via Skype