Marius Flage wrote:

Steve Clark skrev:

...

Does anyone have documentation on the steps necessary to use https for OTRS. I saw in sysconfig an option for https - but I know changes have to be made in the apache config as well as making a certificate.

Just look at the apache documentation for enabling SSL. It's all down to that. The only thing in the OTRS configuration is about generating of the URLs.

Here's my configuration:

# ls -l /etc/apache2/sites-available/ total 4 -rw-r--r-- 1 root root 1160 2007-10-16 11:49 default lrwxrwxrwx 1 root root 43 2007-10-19 11:27 <hostname> -> /var/vhosts/<hostname>/etc/apache2.conf lrwxrwxrwx 1 root root 47 2007-10-19 13:41 <hostname>.ssl -> /var/vhosts/<hostname>/etc/apache2.ssl.conf

Relevant configuration files:

# cat /var/vhosts/<hostname>/etc/apache2.conf ServerName <hostname> DocumentRoot /var/vhosts/<hostname>/htdocs ErrorLog /var/vhosts/<hostname>/log/error.log CustomLog /var/vhosts/<hostname>/log/access.log combined RedirectMatch ^/otrs/$ https://<hostname>/otrs/ RedirectMatch ^/$ https://<hostname>/otrs/ </VirtualHost>

# cat /var/vhosts/<hostname>/etc/apache2.ssl.conf NameVirtualHost *:443 ServerName <hostname>:443 DocumentRoot /var/vhosts/<hostname>/htdocs/ CustomLog /var/vhosts/<hostname>/log/access.log combined ErrorLog /var/vhosts/<hostname>/log/error.log SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /var/vhosts/<hostname>/etc/ssl/apache.pem RedirectMatch ^/$ /otrs/ </VirtualHost>

/var/vhosts/<hostname>/etc/ssl/apache.pem contains the self-signed certificate.

That should be it :) Of course make sure you have the relevant modules for apache loaded. I use mod_ssl.

Marius _______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/

Thanks - I was also wondering in admin->sysconfig->core there is a selection for http/https what does it do?

On Thu, 2007-12-20 at 16:43 +0100, Peter Hoogkamer wrote:

I am using standard OTRS so with an Apache web server. Is SSL included with this apache server or should I take different steps to enable ssl?

You need to either download and use mod_ssl which is a module for apache that enables SSL or you need to install apache-ssl. I strongly suggest using the first approach. It should be packaged with your package manager if you're using a decent distro. In Debian mod_ssl is packaged with Apache2, so it's just a matter of enabling the module: 'a2enmod ssl' or just 'a2enmod' to get a list of available modules and act accordingly. Hope this helps. Marius

Hello Marius, I have found a website wich explains how to insert mod_ssl into apache on windows. I am going to try this with the apache within otrs. I people would like to have the info. Let me know. The website is in dutch. Peter 2007/12/20, Peter Hoogkamer :

Hello Marius,

I am aware of the linux way, but I am using a Windows Server 2003 system with OTRS installed with Apache 2.2. Are you suggesting that I should search for mod_ssl and insert this in the existing apache configuration?

Peter

2007/12/20, Marius Flage :

...

On Thu, 2007-12-20 at 16:43 +0100, Peter Hoogkamer wrote:

...

I am using standard OTRS so with an Apache web server. Is SSL included with this apache server or should I take different steps to enable ssl?

You need to either download and use mod_ssl which is a module for apache that enables SSL or you need to install apache-ssl. I strongly suggest using the first approach. It should be packaged with your package manager if you're using a decent distro. In Debian mod_ssl is packaged with Apache2, so it's just a matter of enabling the module: 'a2enmod ssl' or just 'a2enmod' to get a list of available modules and act accordingly.

Hope this helps.

Marius

_______________________________________________ OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs Support or consulting for your OTRS system? => http://www.otrs.com/

On Thu, 2007-12-20 at 15:50 +0100, Peter Hoogkamer wrote:

Does anybody of you have any idea how to get https going under windows?? I have an standard OTRS::ITSM 2.2.4 installation on a 2003 Server.

The same applies for Windows as for Linux. It has nothing to do with OTRS, it all depends on the web server running and its capabilities to handle SSL. I'm guessing you're using IIS, so you should look up the configuration for that (and good luck to you!). I seem to recall doing something like this a while ago, and then it was simply a matter of clicking through a few dialogs. You can either add another port to the existing virtual host or just add a new one. Marius