Created by: ROD TAGUCHI on 01-10-2011 07:04:57 PM Is there a guide for configuring the WebEx Social web server to accept SSL connections?
Subject: RE: How to enable SSL for DMZ configuration Replied by: James Maudlin on 02-10-2011 09:06:25 AM 1. Creating a self signed sertificate. Use the following script:
* -x509 identifies that a certificate is required, rather than just a certificate request (see below). * -days 365 sets the certificate to expire in a year. * -sha1 specifies that SHA1 encryption should be used. * -rsa:1024 sets the key as 1024 bit RSA. * -nodes specifies no passphrase. * -keyout and -out specify where to store the certificate and key. The key should be root-readable only the certificate can be world-readable, and must be readable by the user that Apache runs as. * -subj flag sets the company name, department name, and the web site address. If you leave these out, you'll be prompted for them. The CN must be the same as the address of your web site, otherwise the certificate won't match and users
2. Install the server.key and server.crt in <apache_install_dir>/conf. The path to the server.key, and server.crt should be described in <apache_install_dir>/conf/extra/httpd-ssl.conf using SSLCertificateKeyFile and SSLCertificateFile directives. 3. Include conf/extra/httpd-ssl.conf in your <apache_install_dir>/conf/htpd.conf file 4. Configure <apache_install_dir>/conf/extra/httpd-ssl.conf - Add Listen 443 directive - In the virtual host listening on 443 <VirtualHost _default_:443> add the folowing rules Options +FollowSymLinks RewriteEngine On RewriteLogLevel 0 RewriteLog "C:/Program Files/Apache Software Foundation/Apache2.2/logs/rewrite.log" RewriteRule ^/pub-sub/https-bind/ http://10.62.73.180:7070/http-bind/ RewriteRule ^/pub-sub/http-bind/ http://10.62.73.180:7070/http-bind/ RewriteRule ^/pub-sub/test http://www.google.bg RewriteRule ^/chat-proxy/(.+) $1 RewriteRule ^/stproxy/(.+) $1 JkMount /* ajp13_worker <Location /stproxy/> ProxyPassReverseCookiePath / /stproxy/ </Location>
Subject: RE: How to enable SSL for DMZ configuration Replied by: Christopher Chandler on 17-11-2011 11:06:44 AM Just a quick note on the subject line: We do not currently support WebEx Social being installed in the DMZ. SSL is indeed supported via SSL offload to an ACE or other device that can terminate SSL and shoot plain HTTP to WebEx Social.
SSL termination on WebEx Social nodes is targeted for the Albani release (roughly Feb 2012, subject to change).
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: