Scalix Forums

Skip to content

SSL = no SWA

Discuss installation of Scalix software

Moderators: ScalixSupport, admin

Post Reply
ShaneJ

SSL = no SWA

Postby ShaneJ » Wed Dec 12, 2007 12:16 am

For the last two days I have been reading any and every thread on this forum to do with SSL, but for the life of me I cannot get it to work the way it should.

I can access https://my.domain.com/ but not https://my.domain.com/webmail
I can also access http://my.domain.com/webmail

I can get it working by following this thread: viewtopic.php?t=8279&highlight=https

Edit the following files:
/etc/opt/scalix-tomcat/connector/ajp/instance-<host>.conf
/etc/opt/scalix-tomcat/connector/jk/instance-<host>.conf

Put the following into both files:

<VirtualHost *:443>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
Include /etc/opt/scalix-tomcat/connector/<conn>/app-<host>.*.conf
</VirtualHost>



Edit /etc/httpd/conf.d/ssl.conf
Find the entry that reads <VirtualHost _default_:443> - comment it and everything beneath it out.

Restart services and it all works.

I'm not really happy with this solution as I don't believe the virtualhost section of the ssl.conf file needs to be commented out. The information that is being commented out is being added to the connector config files anyway.

Is this really what has to be done, or have I been doing something wrong?
Top
ShaneJ

Postby ShaneJ » Wed Dec 12, 2007 12:20 am

I have Scalix 11.2.0 installed on Fedora 7
Top
les
Scalix Star
Scalix Star
Posts: 819
Joined: Thu Feb 23, 2006 10:18 am
Location: Sydney, Australia

Re: SSL = no SWA

Postby les » Thu Dec 13, 2007 7:04 am

ShaneJ wrote:
I'm not really happy with this solution as I don't believe the virtualhost section of the ssl.conf file needs to be commented out. The information that is being commented out is being added to the connector config files anyway.

Is this really what has to be done, or have I been doing something wrong?


yes it is. Apache will use the first virtual host definition it finds, so you need to disable, remove or comment out the ssl.conf in apache.

That way it uses the ssl config from scalix.

in my setups this is all i have in /etc/httpd/conf.d/ssl.conf

# No virtual hosts needed....
# Just listen on port 443 and load SSL modules
# The default virtual host configs conflict with scalix

Listen 443
LoadModule ssl_module modules/mod_ssl.so
Regards,

Les Stott
Top
ShaneJ

Postby ShaneJ » Sun Dec 16, 2007 7:35 pm

Thanks mate, Its all clear now :)
Top
Post Reply

Return to “Installation”



Who is online

Users browsing this forum: No registered users and 2 guests

Powered by phpBB® Forum Software © phpBB Limited