Versions Compared

Old Version 20

changes.mady.by.user IDERA

Saved on

compared with

New Version 21

changes.mady.by.user KB Writer - Client Services

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Once OpenSSL is installed, enter the following commands (changing <openssl_dir> to the proper path for the OpenSSL installation directory) at the command line to generate the certificate key. The example uses 1024 bit encryption; if required, you can increase to your preferred value:

 

Code Block
cd <openssl_dir>/bin 
openssl genrsa -des3 -out uptime_ssl_server.key 1024 4096
openssl req -new -key uptime_ssl_server.key -out uptime_ssl_server.csr 
openssl x509 -reqsha512 -daysnodes 365 -in uptime_ssl_server.csrnewkey rsa:4096 -signkey uptime_ssl_serverkeyout domain.key -out uptime_ssl_server.crt

Create a passphrase file

Create a passphrase file containing your SSL server password specified in the previous step. The Uptime Web Server will require the password each time it restarts but a passphrase file will automate the request, so user intervention is not necessary.

Windows:
Open notepad and enter the following line where <your_SSL_server_password> is the password for your generated certificate keys.

Code Block
languagevb
@echo <your_SSL_server_password>

Save the file as passphrase.cmd.

...

 Code Block
languagebash
#!/bin/bash 
echo "<your_SSL_server_password>"
Save the file as passphrase.cmd.
Make the file executable.
 Code Block
languagebash
chmod +x passphrase.cmd
Move the files to the Uptime Infrastructure Monitor directory
...
        • uptime_ssl_server.key
        • uptime_ssl_server.crt
        • passphrase.cmd
 
Update httpd.conf
The following changes to the web server configuration file (httpd.conf) will allow it to use SSL.
...
 Code Block
languagexml
SSLProtocol ALL -SSLv2 -SSLv3
SSLCipherSuite ALL:!aNULL:!eNULL:!EXP:!DES:!RC4:!MD5:!PSK:!aECDH:!KRB5:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA
SSLMutex default 
SSLPassPhraseDialog "exec:<uptime_dir>/apache/conf/passphrase.cmd" 
SSLSessionCache none 

<VirtualHost *:80> 
 RewriteEngine on 
 RewriteCond %{SERVER_PORT} !^443$ 
 RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [NC,R,L] 
</VirtualHost> 

<VirtualHost *:443> 
 SSLEngine on 
 DocumentRoot "<uptime_dir>/GUI" 
 SSLCertificateFile "<uptime_dir>/apache/conf/uptime_ssl_server.crt" 
 SSLCertificateKeyFile "<uptime_dir>/apache/conf/uptime_ssl_server.key" 
</VirtualHost> 

<VirtualHost *:9999> 
 RewriteEngine on 
 RewriteCond %{SERVER_PORT} !^443$ 
 RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [NC,R,L] 
</VirtualHost>
...