Ready to allow Internet activity

[carldata]

We are required to use HTTPS SSL (Port 443 has been configured, and listening)
We have obtained our Public IP address.
We have created the local signed CA
We have configured the Virtual Host Container. It is empty.
We need some help with the Next step to complete testing.
Do we need to change the ProfoundUi Conf file?
mark

[Scott Klement]

The IBM HTTP Server (powered by Apache) can be configured in multiple "instances". Within each instance, you can configure separate virtual hosts that represent different port numbers, IP address, or domain names, so that a given instance can potentially serve out different documents depending on which domain name, port or IP address you connect to.

SSL, however, will not work on a domain-name basis. So if you configure SSL, it must be done for given port or IP address.

I think you're looking to enable ProfoundUI to run over the SSL that you've configured. In that case, you first need to set up an Apache instance for ProfoundUI. This is done automatically when the software is installed (but it's okay to do it again if you want to create a 2nd instance, etc.)

Once you've set up your ProfoundUI instance, you need to edit it's configuration file and add in the SSL settings to that instance. (I could not tell if you've already done this, or if you added the SSL options to a separate instance? But, for SSL to work in ProfoundUI, it needs to be configured in the same HTTP server instance.)

Within that instance, you can potentially run both SSL and non-SSL by creating virtual hosts that operate by port number. For example, you might create one that enables SSL on port 443, but uses plain text on port 80.

If you don't use virtual hosts, the SSL configuration will apply to the entire instance.

Does that help?

[Scott Klement]

If it helps, there's documentation on the typical SSL setup within ProfoundUI here:
http://www.profoundlogic.com/docs/displ ... abling+SSL

There are SSL directives already included with the default ProfoundUI configuration that are commented out. You can un-comment them, and tweak them for your application. It's all explained at the above link.

If you want/need to do something fancier like VirtualHosts (so you can have both SSL and non-SSL in the same instance) then we can explore that, too.

[matts]

If it helps, there's documentation on the typical SSL setup within ProfoundUI here:
http://www.profoundlogic.com/docs/displ ... abling+SSL

There are SSL directives already included with the default ProfoundUI configuration that are commented out. You can un-comment them, and tweak them for your application. It's all explained at the above link.

If you want/need to do something fancier like VirtualHosts (so you can have both SSL and non-SSL in the same instance) then we can explore that, too.

I have SSL turned on but I need to update the certificate for SHA-2. I loaded the new cert to the digital certificate store, assigned it to the application, and restarted Apache. We I load the webpage it is still showing the old certificate. I tried clearing my browser cache and it shows the same thing. I have also tried it on multiple devices with the same results; the old cert. Another app from a different vendor took the updated cert just fine applying it using this same method. Any suggestions here?

[Scott Klement]

Did you assign the new certificate to the application ID you are using for Profound UI?

Did you restart the HTTP server after all the changes in the digital certificate manager?