Feedback

  • Contents
 

SSL both for browser and CIC connection

  1. Edit the config.js file located in the \htdocs\I3Root\js folder.

    Locate the ININ.Web.Chat.Config section and find the part that says "UseEncryption":false. Set the value to true.

  2. Edit the <apache install dir>\conf\httpd.conf file.

    • Uncomment the following lines:

        LoadModule proxy_module modules/mod_proxy.so
        LoadModule proxy_http_module modules/mod_proxy_http.so
        LoadModule proxy_connect_module modules/mod_proxy_connect.so
        LoadModule ssl_module modules/mod_ssl.so
                
    • Add the following lines at the end of the file:

        <Proxy *>
        Order deny,allow
        Allow from all
        </Proxy>
        ProxyPass /I3Root/Server1/ https://icserver:3508/
        ProxyPassReverse /I3Root/Server1/ https://icserver:3508/
        include conf/extra/httpd-ssl.conf
                
  3. Copy the Server Group Certificate from the CIC server to the web server. The file is here:

    \I3\IC\Certificates\ServerGroup\ServerGroupCertificate.cer

  4. Create the certificate and key for Apache.

    • Open a command prompt and navigate to the bin directory:

      InstallPath\Apache Software Foundation\Apache2.2\bin

    • Modify the following command to match your configuration and run it. It will prompt for a number of pieces of information. Your answers do not affect the functionality at issue.

        openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes -in ServerGroupCertificate.cer -keyout testserver.key -out testserver.crt -config "\InstallPath\Apache Software Foundation\Apache2.2\conf\openssl.cnf"
                
    • Edit httpd-ssl.conf. Find the following lines and modify them to point to the key and crt files.

        SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/bin/cert/ICServer-Certificate.crt"
        SSLCertificateKeyFile "C:/Program Files/Apache Software Foundation/Apache2.2/bin/cert/ICServer-Server.key"
                
    • Modify the following lines in the same httpd-ssl.conf file:

        <VirtualHost _default_:443>
        ServerName webserver.domain.com:443
        SSLEngine on
        SSLProxyEngine on
                
  5. Restart Apache to implement the changes.

    If it does not start, then check the app event log. It is easy to make a mistake editing these configuration files. If everything is correct and the page still loads with an error, try clearing the browser cache.