https://www.scalix.com/wiki/api.php?action=feedcontributions&user=Oscar&feedformat=atom
Scalix Wiki - User contributions [en]
2024-03-19T12:24:43Z
User contributions
MediaWiki 1.26.4
https://www.scalix.com/wiki/index.php?title=Scalix_with_https&diff=3678
Scalix with https
2007-11-11T12:04:57Z
<p>Oscar: </p>
<hr />
<div>This howto is for Fedora Core.<br />
<br />
Install openssl<br />
<br />
root@scalix:~# yum install -y mod_ssl.i386 openssl.i386 openssl-devel.i386<br />
<br />
Modify file of openssl<br />
<br />
root@scalix:~# vi /etc/pki/tls/openssl.cnf<br />
<br />
countryName_default = SP<br />
stateOrProvinceName_default = Barcelona<br />
localityName_default = Sabadell<br />
0.organizationName_default = Ilba<br />
organizationalUnitName_default = Ilba<br />
<br />
Change directory and create the certificate<br />
<br />
root@scalix:~# cd /etc/pki/tls/misc/<br />
root@scalix:/etc/pki/tls/misc# ./CA -newca<br />
root@scalix:/etc/pki/tls/misc# ./CA -newreq<br />
root@scalix:/etc/pki/tls/misc# ./CA -sign<br />
root@scalix:/etc/pki/tls/misc# mkdir /var/myCA<br />
root@scalix:/var/myCA# cp -a /etc/pki/CA/cacert.pem cacert.pem <- Clave pública (CA)<br />
root@scalix:/var/myCA# cp -a /etc/pki/CA/private/cakey.pem cakey.pem <- Clave privada (CA)<br />
root@scalix:/var/myCA# cp -a /etc/pki/tls/cert.pem cert.pem <- Certificado Servidor<br />
root@scalix:/var/myCA# cp -a /etc/pki/tls/misc/newcert.pem newcert.pem<br />
<br />
Verify:<br />
<br />
root@scalix:/var/myCA# cat cacert.pem<br />
-----BEGIN CERTIFICATE-----<br />
MIIC6zCCAlSgAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJTUDES<br />
-----END CERTIFICATE-----<br />
root@scalix:/var/myCA# cat cakey.pem<br />
-----BEGIN CERTIFICATE-----<br />
MIIC6zCCAlSgAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJTUDES<br />
-----END CERTIFICATE-----<br />
<br />
Modify the path of apache to accept SSL<br />
<br />
root@scalix:/var/myCA# vi /etc/httpd/conf.d/ssl.conf<br />
SSLCertificateFile /var/myCA/cacert.pem<br />
SSLCertificateKeyFile /var/myCA/cakey.pem<br />
<br />
root@scalix:/var/myCA# cp cakey.pem cakey.bak<br />
<br />
No password when restart apache<br />
<br />
root@scalix:/var/myCA# openssl rsa -in cakey.bak -out cakey.pem<br />
Enter pass phrase for cakey.bak:<br />
writing RSA key<br />
<br />
root@scalix:/var/myCA# /etc/init.d/httpd restart<br />
<br />
Create a backup<br />
<br />
root@scalix:~# cp -a /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf.old<br />
root@scalix:~# cp -a /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf.old<br />
<br />
Configure Scalix to accept HTTPS<br />
<br />
root@scalix:~# vi /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf<br />
<br />
#<VirtualHost scalix.ilba.cat:80><br />
# Include /etc/opt/scalix-tomcat/connector/jk/app-scalix.*.conf<br />
#</VirtualHost><br />
<VirtualHost *:443><br />
Include /etc/opt/scalix-tomcat/connector/jk/app-scalix.*.conf<br />
<LocationMatch "^/sac/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
<LocationMatch "^/webmail/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
</VirtualHost><br />
JkWorkerProperty worker.scalix.type=ajp13<br />
JkWorkerProperty worker.scalix.host=scalix.ilba.cat<br />
JkWorkerProperty worker.scalix.port=8009<br />
JkWorkerProperty worker.scalix.lbfactor=50<br />
JkWorkerProperty worker.scalix.cachesize=10<br />
JkWorkerProperty worker.scalix.cache_timeout=600<br />
JkWorkerProperty worker.scalix.socket_keepalive=1<br />
JkWorkerProperty worker.scalix.recycle_timeout=300<br />
<br />
root@scalix:~# vi /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf<br />
<br />
#<VirtualHost scalix.ilba.cat:80><br />
# Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
#</VirtualHost><br />
<VirtualHost *:80><br />
Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
<LocationMatch "^/sac/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
<LocationMatch "^/webmail/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
</VirtualHost><br />
<br />
Configure apache for HTTPS<br />
<br />
root@scalix:~# vi /etc/httpd/conf.d/ssl.conf<br />
<br />
# at the end of the file<br />
Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
</VirtualHost><br />
<br />
root@scalix:~# /etc/init.d/scalix-tomcat restart<br />
root@scalix:~# /etc/init.d/httpd restart</div>
Oscar
https://www.scalix.com/wiki/index.php?title=Scalix_with_https&diff=3677
Scalix with https
2007-11-11T11:59:24Z
<p>Oscar: </p>
<hr />
<div>This howto is for Fedora Core.<br />
<br />
Install openssl<br />
<br />
root@scalix:~# yum install -y mod_ssl.i386 openssl.i386 openssl-devel.i386<br />
<br />
Modify file of openssl<br />
<br />
root@scalix:~# vi /etc/pki/tls/openssl.cnf<br />
<br />
countryName_default = SP<br />
stateOrProvinceName_default = Barcelona<br />
localityName_default = Sabadell<br />
0.organizationName_default = Ilba<br />
organizationalUnitName_default = Ilba<br />
<br />
Change directory and create the certificate<br />
<br />
root@scalix:~# cd /etc/pki/tls/misc/<br />
root@scalix:/etc/pki/tls/misc# ./CA -newca<br />
root@scalix:/etc/pki/tls/misc# ./CA -newreq<br />
root@scalix:/etc/pki/tls/misc# ./CA -sign<br />
root@scalix:/etc/pki/tls/misc# mkdir /var/myCA<br />
root@scalix:/var/myCA# cp -a /etc/pki/CA/cacert.pem cacert.pem <- Clave pública (CA)<br />
root@scalix:/var/myCA# cp -a /etc/pki/CA/private/cakey.pem cakey.pem <- Clave privada (CA)<br />
root@scalix:/var/myCA# cp -a /etc/pki/tls/cert.pem cert.pem <- Certificado Servidor<br />
root@scalix:/var/myCA# cp -a /etc/pki/tls/misc/newcert.pem newcert.pem<br />
<br />
Verify:<br />
<br />
root@scalix:/var/myCA# cat cacert.pem<br />
-----BEGIN CERTIFICATE-----<br />
MIIC6zCCAlSgAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJTUDES<br />
-----END CERTIFICATE-----<br />
root@scalix:/var/myCA# cat cakey.pem<br />
-----BEGIN CERTIFICATE-----<br />
MIIC6zCCAlSgAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJTUDES<br />
-----END CERTIFICATE-----<br />
<br />
root@scalix:/var/myCA# vi /etc/httpd/conf.d/ssl.conf<br />
SSLCertificateFile /var/myCA/cacert.pem<br />
SSLCertificateKeyFile /var/myCA/cakey.pem<br />
<br />
root@scalix:/var/myCA# cp cakey.pem cakey.bak<br />
<br />
root@scalix:/var/myCA# openssl rsa -in cakey.bak -out cakey.pem<br />
Enter pass phrase for cakey.bak:<br />
writing RSA key<br />
<br />
root@scalix:/var/myCA# /etc/init.d/httpd restart<br />
<br />
Create a backup<br />
<br />
root@scalix:~# cp -a /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf.old<br />
root@scalix:~# cp -a /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf.old<br />
<br />
Configure Scalix<br />
<br />
root@scalix:~# vi /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf<br />
<br />
#<VirtualHost scalix.ilba.cat:80><br />
# Include /etc/opt/scalix-tomcat/connector/jk/app-scalix.*.conf<br />
#</VirtualHost><br />
<VirtualHost *:443><br />
Include /etc/opt/scalix-tomcat/connector/jk/app-scalix.*.conf<br />
<LocationMatch "^/sac/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
<LocationMatch "^/webmail/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
</VirtualHost><br />
JkWorkerProperty worker.scalix.type=ajp13<br />
JkWorkerProperty worker.scalix.host=scalix.ilba.cat<br />
JkWorkerProperty worker.scalix.port=8009<br />
JkWorkerProperty worker.scalix.lbfactor=50<br />
JkWorkerProperty worker.scalix.cachesize=10<br />
JkWorkerProperty worker.scalix.cache_timeout=600<br />
JkWorkerProperty worker.scalix.socket_keepalive=1<br />
JkWorkerProperty worker.scalix.recycle_timeout=300<br />
<br />
root@scalix:~# vi /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf<br />
<br />
#<VirtualHost scalix.ilba.cat:80><br />
# Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
#</VirtualHost><br />
<VirtualHost *:80><br />
Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
<LocationMatch "^/sac/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
<LocationMatch "^/webmail/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
</VirtualHost><br />
<br />
root@scalix:~# /etc/init.d/scalix-tomcat restart<br />
root@scalix:~# /etc/init.d/httpd restart<br />
<br />
¿ Como hacer para que funcione https://xxx/webmail ?<br />
<br />
root@scalix:~# vi /etc/httpd/conf.d/ssl.conf<br />
<br />
# at the end of the file<br />
<br />
Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
</VirtualHost></div>
Oscar
https://www.scalix.com/wiki/index.php?title=Scalix_with_https&diff=3676
Scalix with https
2007-11-11T11:58:20Z
<p>Oscar: </p>
<hr />
<div>Install openssl<br />
<br />
root@scalix:~# yum install -y mod_ssl.i386 openssl.i386 openssl-devel.i386<br />
<br />
Modify file of openssl<br />
<br />
root@scalix:~# vi /etc/pki/tls/openssl.cnf<br />
<br />
countryName_default = SP<br />
stateOrProvinceName_default = Barcelona<br />
localityName_default = Sabadell<br />
0.organizationName_default = Ilba<br />
organizationalUnitName_default = Ilba<br />
<br />
Change directory and create the certificate<br />
<br />
root@scalix:~# cd /etc/pki/tls/misc/<br />
root@scalix:/etc/pki/tls/misc# ./CA -newca<br />
root@scalix:/etc/pki/tls/misc# ./CA -newreq<br />
root@scalix:/etc/pki/tls/misc# ./CA -sign<br />
root@scalix:/etc/pki/tls/misc# mkdir /var/myCA<br />
root@scalix:/var/myCA# cp -a /etc/pki/CA/cacert.pem cacert.pem <- Clave pública (CA)<br />
root@scalix:/var/myCA# cp -a /etc/pki/CA/private/cakey.pem cakey.pem <- Clave privada (CA)<br />
root@scalix:/var/myCA# cp -a /etc/pki/tls/cert.pem cert.pem <- Certificado Servidor<br />
root@scalix:/var/myCA# cp -a /etc/pki/tls/misc/newcert.pem newcert.pem<br />
<br />
Verify:<br />
<br />
root@scalix:/var/myCA# cat cacert.pem<br />
-----BEGIN CERTIFICATE-----<br />
MIIC6zCCAlSgAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJTUDES<br />
-----END CERTIFICATE-----<br />
root@scalix:/var/myCA# cat cakey.pem<br />
-----BEGIN CERTIFICATE-----<br />
MIIC6zCCAlSgAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJTUDES<br />
-----END CERTIFICATE-----<br />
<br />
root@scalix:/var/myCA# vi /etc/httpd/conf.d/ssl.conf<br />
SSLCertificateFile /var/myCA/cacert.pem<br />
SSLCertificateKeyFile /var/myCA/cakey.pem<br />
<br />
root@scalix:/var/myCA# cp cakey.pem cakey.bak<br />
<br />
root@scalix:/var/myCA# openssl rsa -in cakey.bak -out cakey.pem<br />
Enter pass phrase for cakey.bak:<br />
writing RSA key<br />
<br />
root@scalix:/var/myCA# /etc/init.d/httpd restart<br />
<br />
Create a backup<br />
<br />
root@scalix:~# cp -a /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf.old<br />
root@scalix:~# cp -a /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf.old<br />
<br />
Configure Scalix<br />
<br />
root@scalix:~# vi /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf<br />
<br />
#<VirtualHost scalix.ilba.cat:80><br />
# Include /etc/opt/scalix-tomcat/connector/jk/app-scalix.*.conf<br />
#</VirtualHost><br />
<VirtualHost *:443><br />
Include /etc/opt/scalix-tomcat/connector/jk/app-scalix.*.conf<br />
<LocationMatch "^/sac/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
<LocationMatch "^/webmail/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
</VirtualHost><br />
JkWorkerProperty worker.scalix.type=ajp13<br />
JkWorkerProperty worker.scalix.host=scalix.ilba.cat<br />
JkWorkerProperty worker.scalix.port=8009<br />
JkWorkerProperty worker.scalix.lbfactor=50<br />
JkWorkerProperty worker.scalix.cachesize=10<br />
JkWorkerProperty worker.scalix.cache_timeout=600<br />
JkWorkerProperty worker.scalix.socket_keepalive=1<br />
JkWorkerProperty worker.scalix.recycle_timeout=300<br />
<br />
root@scalix:~# vi /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf<br />
<br />
#<VirtualHost scalix.ilba.cat:80><br />
# Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
#</VirtualHost><br />
<VirtualHost *:80><br />
Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
<LocationMatch "^/sac/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
<LocationMatch "^/webmail/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
</VirtualHost><br />
<br />
root@scalix:~# /etc/init.d/scalix-tomcat restart<br />
root@scalix:~# /etc/init.d/httpd restart<br />
<br />
¿ Como hacer para que funcione https://xxx/webmail ?<br />
<br />
root@scalix:~# vi /etc/httpd/conf.d/ssl.conf<br />
<br />
# at the end of the file<br />
<br />
Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
</VirtualHost></div>
Oscar
https://www.scalix.com/wiki/index.php?title=Scalix_with_https&diff=3675
Scalix with https
2007-11-11T11:57:43Z
<p>Oscar: </p>
<hr />
<div>Install openssl<br />
<br />
root@scalix:~# yum install -y mod_ssl.i386 openssl.i386 openssl-devel.i386<br />
<br />
Modify file of openssl<br />
<br />
root@scalix:~# vi /etc/pki/tls/openssl.cnf<br />
<br />
countryName_default = SP<br />
stateOrProvinceName_default = Barcelona<br />
localityName_default = Sabadell<br />
0.organizationName_default = Ilba<br />
organizationalUnitName_default = Ilba<br />
<br />
Change directory and create the certificate<br />
<br />
root@scalix:~# cd /etc/pki/tls/misc/<br />
root@scalix:/etc/pki/tls/misc# ./CA -newca<br />
root@scalix:/etc/pki/tls/misc# ./CA -newreq<br />
root@scalix:/etc/pki/tls/misc# ./CA -sign<br />
root@scalix:/etc/pki/tls/misc# mkdir /var/myCA<br />
root@scalix:/var/myCA# cp -a /etc/pki/CA/cacert.pem cacert.pem <- Clave pública (CA)<br />
root@scalix:/var/myCA# cp -a /etc/pki/CA/private/cakey.pem cakey.pem <- Clave privada (CA)<br />
root@scalix:/var/myCA# cp -a /etc/pki/tls/cert.pem cert.pem <- Certificado Servidor<br />
root@scalix:/var/myCA# cp -a /etc/pki/tls/misc/newcert.pem newcert.pem<br />
<br />
Verify:<br />
<br />
root@scalix:/var/myCA# cat cacert.pem<br />
-----BEGIN CERTIFICATE-----<br />
MIIC6zCCAlSgAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJTUDES<br />
-----END CERTIFICATE-----<br />
root@scalix:/var/myCA# cat cakey.pem<br />
-----BEGIN CERTIFICATE-----<br />
MIIC6zCCAlSgAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJTUDES<br />
-----END CERTIFICATE-----<br />
<br />
root@scalix:/var/myCA# vi /etc/httpd/conf.d/ssl.conf<br />
SSLCertificateFile /var/myCA/cacert.pem<br />
SSLCertificateKeyFile /var/myCA/cakey.pem<br />
<br />
root@scalix:/var/myCA# cp cakey.pem cakey.bak<br />
root@scalix:/var/myCA# openssl rsa -in cakey.bak -out cakey.pem<br />
Enter pass phrase for cakey.bak:<br />
writing RSA key<br />
root@scalix:/var/myCA# /etc/init.d/httpd restart<br />
<br />
Create a backup<br />
<br />
root@scalix:~# cp -a /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf.old<br />
root@scalix:~# cp -a /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf.old<br />
<br />
Configure Scalix<br />
<br />
root@scalix:~# vi /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf<br />
<br />
#<VirtualHost scalix.ilba.cat:80><br />
# Include /etc/opt/scalix-tomcat/connector/jk/app-scalix.*.conf<br />
#</VirtualHost><br />
<VirtualHost *:443><br />
Include /etc/opt/scalix-tomcat/connector/jk/app-scalix.*.conf<br />
<LocationMatch "^/sac/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
<LocationMatch "^/webmail/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
</VirtualHost><br />
JkWorkerProperty worker.scalix.type=ajp13<br />
JkWorkerProperty worker.scalix.host=scalix.ilba.cat<br />
JkWorkerProperty worker.scalix.port=8009<br />
JkWorkerProperty worker.scalix.lbfactor=50<br />
JkWorkerProperty worker.scalix.cachesize=10<br />
JkWorkerProperty worker.scalix.cache_timeout=600<br />
JkWorkerProperty worker.scalix.socket_keepalive=1<br />
JkWorkerProperty worker.scalix.recycle_timeout=300<br />
<br />
root@scalix:~# vi /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf<br />
<br />
#<VirtualHost scalix.ilba.cat:80><br />
# Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
#</VirtualHost><br />
<VirtualHost *:80><br />
Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
<LocationMatch "^/sac/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
<LocationMatch "^/webmail/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
</VirtualHost><br />
<br />
root@scalix:~# /etc/init.d/scalix-tomcat restart<br />
root@scalix:~# /etc/init.d/httpd restart<br />
<br />
¿ Como hacer para que funcione https://xxx/webmail ?<br />
<br />
root@scalix:~# vi /etc/httpd/conf.d/ssl.conf<br />
<br />
# at the end of the file<br />
<br />
Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
</VirtualHost></div>
Oscar
https://www.scalix.com/wiki/index.php?title=Scalix_with_https&diff=3674
Scalix with https
2007-11-11T11:56:12Z
<p>Oscar: </p>
<hr />
<div>Install openssl<br />
<br />
root@scalix:~# yum install -y mod_ssl.i386 openssl.i386 openssl-devel.i386<br />
<br />
Modify file of openssl<br />
<br />
root@scalix:~# vi /etc/pki/tls/openssl.cnf<br />
<br />
countryName_default = SP<br />
stateOrProvinceName_default = Barcelona<br />
localityName_default = Sabadell<br />
0.organizationName_default = Ilba<br />
organizationalUnitName_default = Ilba<br />
<br />
Change directory and create the certificate<br />
<br />
root@scalix:~# cd /etc/pki/tls/misc/<br />
root@scalix:/etc/pki/tls/misc# ./CA -newca<br />
root@scalix:/etc/pki/tls/misc# ./CA -newreq<br />
root@scalix:/etc/pki/tls/misc# ./CA -sign<br />
root@scalix:/etc/pki/tls/misc# mkdir /var/myCA<br />
root@scalix:/var/myCA# cp -a /etc/pki/CA/cacert.pem cacert.pem <- Clave pública (CA)<br />
root@scalix:/var/myCA# cp -a /etc/pki/CA/private/cakey.pem cakey.pem <- Clave privada (CA)<br />
root@scalix:/var/myCA# cp -a /etc/pki/tls/cert.pem cert.pem <- Certificado Servidor<br />
root@scalix:/var/myCA# cp -a /etc/pki/tls/misc/newcert.pem newcert.pem<br />
<br />
Verify:<br />
<br />
root@scalix:/var/myCA# cat cacert.pem<br />
-----BEGIN CERTIFICATE-----<br />
MIIC6zCCAlSgAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJTUDES<br />
-----END CERTIFICATE-----<br />
root@scalix:/var/myCA# cat cakey.pem<br />
-----BEGIN CERTIFICATE-----<br />
MIIC6zCCAlSgAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJTUDES<br />
-----END CERTIFICATE-----<br />
<br />
root@scalix:/var/myCA# vi /etc/httpd/conf.d/ssl.conf<br />
SSLCertificateFile /var/myCA/cacert.pem<br />
SSLCertificateKeyFile /var/myCA/cakey.pem<br />
<br />
root@scalix:/var/myCA# cp cakey.pem cakey.bak<br />
root@scalix:/var/myCA# openssl rsa -in cakey.bak -out cakey.pem<br />
Enter pass phrase for cakey.bak:<br />
writing RSA key<br />
root@scalix:/var/myCA# /etc/init.d/httpd restart<br />
<br />
root@scalix:~# cp -a /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf.old<br />
root@scalix:~# cp -a /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf.old<br />
<br />
root@scalix:~# vi /etc/opt/scalix-tomcat/connector/jk/instance-scalix.conf<br />
#<VirtualHost scalix.ilba.cat:80><br />
# Include /etc/opt/scalix-tomcat/connector/jk/app-scalix.*.conf<br />
#</VirtualHost><br />
<VirtualHost *:443><br />
Include /etc/opt/scalix-tomcat/connector/jk/app-scalix.*.conf<br />
<LocationMatch "^/sac/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
<LocationMatch "^/webmail/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
</VirtualHost><br />
JkWorkerProperty worker.scalix.type=ajp13<br />
JkWorkerProperty worker.scalix.host=scalix.ilba.cat<br />
JkWorkerProperty worker.scalix.port=8009<br />
JkWorkerProperty worker.scalix.lbfactor=50<br />
JkWorkerProperty worker.scalix.cachesize=10<br />
JkWorkerProperty worker.scalix.cache_timeout=600<br />
JkWorkerProperty worker.scalix.socket_keepalive=1<br />
JkWorkerProperty worker.scalix.recycle_timeout=300<br />
<br />
root@scalix:~# vi /etc/opt/scalix-tomcat/connector/ajp/instance-scalix.conf<br />
#<VirtualHost scalix.ilba.cat:80><br />
# Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
#</VirtualHost><br />
<VirtualHost *:80><br />
Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
<LocationMatch "^/sac/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
<LocationMatch "^/webmail/*"><br />
RewriteEngine on<br />
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R,L]<br />
</LocationMatch><br />
</VirtualHost><br />
<br />
root@scalix:~# /etc/init.d/scalix-tomcat restart<br />
root@scalix:~# /etc/init.d/httpd restart<br />
<br />
¿ Como hacer para que funcione https://xxx/webmail ?<br />
<br />
root@scalix:~# vi /etc/httpd/conf.d/ssl.conf<br />
# poner al final del fichero<br />
<br />
Include /etc/opt/scalix-tomcat/connector/ajp/app-scalix.*.conf<br />
</VirtualHost></div>
Oscar
https://www.scalix.com/wiki/index.php?title=Scalix_with_https&diff=3673
Scalix with https
2007-11-11T11:52:38Z
<p>Oscar: </p>
<hr />
<div>Install openssl<br />
<br />
root@scalix:~# yum install -y mod_ssl.i386 openssl.i386 openssl-devel.i386</div>
Oscar
https://www.scalix.com/wiki/index.php?title=Other_Stuff/Community_Docs&diff=3672
Other Stuff/Community Docs
2007-11-11T11:50:10Z
<p>Oscar: /* Community How-Tos */</p>
<hr />
<div>This is for Community-authored documents. Once they grow, we'll move them to the How-To or Technote collections.... :-). Anybody - anything - anytime.<br />
<br />
=== Community How-Tos ===<br />
<br />
[[SUSE 10.0 SC RAW Notes]]<br />
<br />
[[Scalix/Sendmail & Amavisd-New HOWTO]]<br />
<br />
[[SWA Translations]]<br />
<br />
Scalix API Documentation [http://www.scalix.com/documents/api/] <br />
<br />
[[Makefile_for_Scalix-Installation_on_Debian_and_Ubuntu]]<br />
<br />
[[Manual_Installation_Debian_Etch]]<br />
<br />
[[SUR HOWTO]]<br />
<br />
[[CUSTOM WELCOME/LOGIN PAGE]]<br />
<br />
[[Howto - Change the default Scalix ldap port from 389]]<br />
<br />
[[Secure external IMAPS access via DMZ]] (WIP)<br />
<br />
[[What no-one tells you about changing servers]]<br />
<br />
[[Scalix with https]]<br />
<br />
=== Community Technotes ===</div>
Oscar