Setting up SSL/HTTPS
Revision as of 12:57, 11 February 2013 by old>Admin (→Configuring SSL i Tempus Serva)
Configuring SSL
As a minimum SSL has to be enabled in the application server (JBoss,Tomcat etc). Optionally TempusServa SSL policies can be tweaked to enforce certain behaviours.
Configuring SSL i web application
Checklist for Tomcat 6 or 7
- Import certifcates to keystore
- Uncomment connector code in conf/server.xml
- Set keystore reference and password
- Reboot server
Configuring SSL i Tempus Serva
Two options exist
- Require SSL for login actions: securitySslPages
- Require SSL for all othe pages: securitySslLogin
Note that SSL can not be actively prevented.
Finally the SSL connector port can be changed if set to nondefault values: applicationlPortSSL
Problems with wrappers
The usage of wrappers can result in SSL warnings.
If your solution is depending on the use of Wrappers, please tjeck the following
- All style, script and image references are made with HTTPS
- No referenced stylesheets depends on images using HTTP
If the wrapper cannot be transformed from HTTP to HTTPS, referenced ressources should be copied to the server
- Stylesheets copied to TS stylesheet
- Images downloaded and copied to the media library
After changes are made remmeber to flush caches: Both Chrome and IE sometimes caches longer than expected.