Setting up https secure connection

From Kolmisoft Wiki

Jump to: navigation, search

[edit] Installing SSL

In new MOR (starting from X14) and M2 installs, SSL with self-signed certificate is preconfigured (using external sever IP). If you have older MOR and M2 installations, and SSL was not configured previously, you can configure self-signed certificate in MOR/M2 by running the following script:

For MOR:

svn update /usr/src/mor
/usr/src/mor/x14/gui/ssl_install.sh 

For M2:

svn update /usr/src/m2
/usr/src/m2/gui/ssl_install.sh 


By default redirection from http to https is not enabled. To enable it, please open file /etc/httpd/conf.d/mor_ssl.conf (m2_ssl.conf for M2) and uncomment last line:

 ServerName IP_ADDRESS
 # RedirectMatch permanent ^/$ https://IP_ADDRESS/billing/callc/login

And restart httpd service

service httpd restart

Clear browser cache before testing redirect. Otherwise it might not work.

[edit] Configure Domain Name

If you have domain name, replace IP_ADDRESS (which will be your external IP address) with your domain name and regenerate certification files with new information with command bellow:

 openssl req -new -newkey rsa:4096 -days 365 -nodes  -x509   -keyout /etc/httpd/ssl/apache.key -out  /etc/httpd/ssl/apache.crt

Enter information as requested, in common name section please enter your domain name.

And restart httpd service

service httpd restart


[edit] Cron Actions

If SSL redirection is enabled, ensure that hourly actions are able to access GUI internally:

wget http://127.0.0.1/billing/callc/hourly_actions

if it does not work, adjust domain or add --no-check-certificate.

Once command works, make same adjustments on /etc/cron.d/mor_hourly_actions, mor_daily_actions and mor_monthly_actions.

!!!DO NOT TEST RUN daily AND monthly ACTIONS MANUALLY!!! just adjust cron files, save then and restart crond service.

Personal tools

Try MOR

Try M2