Difference between revisions of "Setting up SSL/HTTPS"

Configuring SSL

As a minimum SSL has to be enabled in the application server (JBoss,Tomcat etc). Optionally TempusServa SSL policies can be tweaked to enforce certain behaviours.

Configuring SSL i web application

Checklist for Tomcat 6 or 7

1. Import certifcates to keystore
2. Uncomment connector code in conf/server.xml
3. Set keystore reference and password
4. Reboot server

Configuring SSL i Tempus Serva

Two configurations options exist

• Require SSL for login actions: securitySslPages
• Require SSL for all othe pages: securitySslLogin

Note that SSL can not be actively prevented.

Finally the SSL connector port can be changed if set to nondefault values: applicationlPortSSL

Problems with wrappers

The usage of wrappers can result in SSL warnings.

If your solution is depending on the use of Wrappers, please tjeck the following

• All style, script and image references are made with HTTPS
• No referenced stylesheets depends on images using HTTP

If the wrapper cannot be transformed from HTTP to HTTPS, referenced ressources should be copied to the server

• Stylesheets copied to TS stylesheet
• Images downloaded and copied to the media library

After changes are made remmeber to flush caches: Both Chrome and IE sometimes caches longer than expected.