We are required to use HTTPS SSL (Port 443 has been configured, and listening)
We have obtained our Public IP address.
We have created the local signed CA
We have configured the Virtual Host Container. It is empty.
We need some help with the Next step to complete testing.
Do we need to change the ProfoundUi Conf file?
mark
Ready to allow Internet activity
-
- New User
- Posts: 1
- Joined: Thu May 17, 2012 7:38 am
- First Name: Carl
- Last Name: Fischer
- Company Name: Accurate Data Payroll
- Contact:
-
- Experienced User
- Posts: 2711
- Joined: Wed Aug 01, 2012 8:58 am
- First Name: Scott
- Last Name: Klement
- Company Name: Profound Logic
- City: Milwaukee
- State / Province: Wisconsin
Re: Ready to allow Internet activity
The IBM HTTP Server (powered by Apache) can be configured in multiple "instances". Within each instance, you can configure separate virtual hosts that represent different port numbers, IP address, or domain names, so that a given instance can potentially serve out different documents depending on which domain name, port or IP address you connect to.
SSL, however, will not work on a domain-name basis. So if you configure SSL, it must be done for given port or IP address.
I think you're looking to enable ProfoundUI to run over the SSL that you've configured. In that case, you first need to set up an Apache instance for ProfoundUI. This is done automatically when the software is installed (but it's okay to do it again if you want to create a 2nd instance, etc.)
Once you've set up your ProfoundUI instance, you need to edit it's configuration file and add in the SSL settings to that instance. (I could not tell if you've already done this, or if you added the SSL options to a separate instance? But, for SSL to work in ProfoundUI, it needs to be configured in the same HTTP server instance.)
Within that instance, you can potentially run both SSL and non-SSL by creating virtual hosts that operate by port number. For example, you might create one that enables SSL on port 443, but uses plain text on port 80.
If you don't use virtual hosts, the SSL configuration will apply to the entire instance.
Does that help?
SSL, however, will not work on a domain-name basis. So if you configure SSL, it must be done for given port or IP address.
I think you're looking to enable ProfoundUI to run over the SSL that you've configured. In that case, you first need to set up an Apache instance for ProfoundUI. This is done automatically when the software is installed (but it's okay to do it again if you want to create a 2nd instance, etc.)
Once you've set up your ProfoundUI instance, you need to edit it's configuration file and add in the SSL settings to that instance. (I could not tell if you've already done this, or if you added the SSL options to a separate instance? But, for SSL to work in ProfoundUI, it needs to be configured in the same HTTP server instance.)
Within that instance, you can potentially run both SSL and non-SSL by creating virtual hosts that operate by port number. For example, you might create one that enables SSL on port 443, but uses plain text on port 80.
If you don't use virtual hosts, the SSL configuration will apply to the entire instance.
Does that help?
-
- Experienced User
- Posts: 2711
- Joined: Wed Aug 01, 2012 8:58 am
- First Name: Scott
- Last Name: Klement
- Company Name: Profound Logic
- City: Milwaukee
- State / Province: Wisconsin
Re: Ready to allow Internet activity
If it helps, there's documentation on the typical SSL setup within ProfoundUI here:
http://www.profoundlogic.com/docs/displ ... abling+SSL
There are SSL directives already included with the default ProfoundUI configuration that are commented out. You can un-comment them, and tweak them for your application. It's all explained at the above link.
If you want/need to do something fancier like VirtualHosts (so you can have both SSL and non-SSL in the same instance) then we can explore that, too.
http://www.profoundlogic.com/docs/displ ... abling+SSL
There are SSL directives already included with the default ProfoundUI configuration that are commented out. You can un-comment them, and tweak them for your application. It's all explained at the above link.
If you want/need to do something fancier like VirtualHosts (so you can have both SSL and non-SSL in the same instance) then we can explore that, too.
-
- New User
- Posts: 2
- Joined: Wed Jul 15, 2015 5:34 pm
- First Name: Matt
- Last Name: Seeberger
- Company Name: Dupre Logistics
- Contact:
Re: Ready to allow Internet activity
I have SSL turned on but I need to update the certificate for SHA-2. I loaded the new cert to the digital certificate store, assigned it to the application, and restarted Apache. We I load the webpage it is still showing the old certificate. I tried clearing my browser cache and it shows the same thing. I have also tried it on multiple devices with the same results; the old cert. Another app from a different vendor took the updated cert just fine applying it using this same method. Any suggestions here?Scott Klement wrote:If it helps, there's documentation on the typical SSL setup within ProfoundUI here:
http://www.profoundlogic.com/docs/displ ... abling+SSL
There are SSL directives already included with the default ProfoundUI configuration that are commented out. You can un-comment them, and tweak them for your application. It's all explained at the above link.
If you want/need to do something fancier like VirtualHosts (so you can have both SSL and non-SSL in the same instance) then we can explore that, too.
-
- Experienced User
- Posts: 2711
- Joined: Wed Aug 01, 2012 8:58 am
- First Name: Scott
- Last Name: Klement
- Company Name: Profound Logic
- City: Milwaukee
- State / Province: Wisconsin
Re: Ready to allow Internet activity
Did you assign the new certificate to the application ID you are using for Profound UI?
Did you restart the HTTP server after all the changes in the digital certificate manager?
Did you restart the HTTP server after all the changes in the digital certificate manager?
Who is online
Users browsing this forum: No registered users and 3 guests