Setting up SSL/HTTPS

From TempusServa wiki
Revision as of 12:57, 11 February 2013 by old>Admin (→‎Configuring SSL i Tempus Serva)
Jump to navigation Jump to search

Configuring SSL

As a minimum SSL has to be enabled in the application server (JBoss,Tomcat etc). Optionally TempusServa SSL policies can be tweaked to enforce certain behaviours.


Configuring SSL i web application

Checklist for Tomcat 6 or 7

  1. Import certifcates to keystore
  2. Uncomment connector code in conf/server.xml
  3. Set keystore reference and password
  4. Reboot server

Configuring SSL i Tempus Serva

Two options exist

  • Require SSL for login actions: securitySslPages
  • Require SSL for all othe pages: securitySslLogin

Note that SSL can not be actively prevented.

Finally the SSL connector port can be changed if set to nondefault values: applicationlPortSSL

Problems with wrappers

The usage of wrappers can result in SSL warnings.

If your solution is depending on the use of Wrappers, please tjeck the following

  • All style, script and image references are made with HTTPS
  • No referenced stylesheets depends on images using HTTP

If the wrapper cannot be transformed from HTTP to HTTPS, referenced ressources should be copied to the server

  • Stylesheets copied to TS stylesheet
  • Images downloaded and copied to the media library

After changes are made remmeber to flush caches: Both Chrome and IE sometimes caches longer than expected.