...
Note | ||||
---|---|---|---|---|
| ||||
Upgrading the Uptime Monitoring Station will overwrite the changes to httpd.conf, so when the upgrade is complete, be sure to update the httpd.conf file again. |
Configuring SSL
To configure SSL browsing in the Uptime web interface, you must generate a server certificate, which identifies that server is using SSL for security, and perform some platform-specific configuration. The following steps will cover this process.
Generate or obtain a server certificate
You can purchase a recognized certificate from a vendor such as Verisign or Thawte.
...
Code Block |
---|
cd <openssl_dir>/bin openssl genrsa -out uptime_ssl_server.key 4096 openssl req -x509 -sha512 -nodes -newkey rsa:4096 -keyout domain.key -out uptime_ssl_server.crt |
Move the files to the Uptime Infrastructure Monitor directory
Copy the following files to the <uptime_dir>/apache/conf directory where <uptime_dir> is the installation directory of Uptime (the default installation directory is C:\Program Files\uptime software\uptime on Windows and /usr/local/uptime on Linux).
- uptime_ssl_server.key
- uptime_ssl_server.crt
Update httpd.conf
The following changes to the web server configuration file (httpd.conf) will allow it to use SSL.
...
Code Block |
---|
LoadModule rewrite_module modules/mod_rewrite.so LoadModule ssl_module/mod_ssl.so |
Note |
---|
Download mod_rewrite.soOn Linux installations of Uptime Infrastructure Monitor 7.2 and earlier, the mod_rewrite.so file is not bundled with Uptime Infrastructure Monitor, so it is necessary to download it from here (mod_rewrite.so) and copy it to the <uptime_dir>/apache/modules directory. Then, in httpd.conf, add the "LoadModule rewrite_module modules/mod_rewrite.so" line after "# LoadModule foo_module modules/mod_foo.so". If issues are experienced with the version of mod_rewrite.so attached, try creating a symlink to the mod_rewrite.so file provided by the Linux distribution instead. |
...
Code Block | ||
---|---|---|
| ||
SSLProtocol ALL -SSLv2 -SSLv3 SSLCipherSuite ALL:!aNULL:!eNULL:!EXP:!DES:!RC4:!MD5:!PSK:!aECDH:!KRB5:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA SSLMutex default SSLSessionCache none <VirtualHost *:80> RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [NC,R,L] </VirtualHost> <VirtualHost *:443> SSLEngine on DocumentRoot "<uptime_dir>/GUI" SSLCertificateFile "<uptime_dir>/apache/conf/uptime_ssl_server.crt" SSLCertificateKeyFile "<uptime_dir>/apache/conf/uptime_ssl_server.key" </VirtualHost> <VirtualHost *:9999> RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [NC,R,L] </VirtualHost> |
Update uptime.conf
Open the <uptime_dir>/uptime.conf file for editing and change the httpContext parameter (which begins with "httpContext=http://") to reflect the use of SSL:
Code Block | ||
---|---|---|
| ||
httpContext=https://<Server_Hostname>:443 |
Restart the services
For the changes to take effect, restart the Uptime Data Collector and Uptime Web Server on Windows or uptime_core and uptime_httpd on Linux.
...