Forum OpenACS Development: Re: SSL Installation

Collapse
7: Re: SSL Installation (response to 1)
Posted by Torben Brosten on 12/13/11 04:55 PM

First, open a terminal window and sudo to root.

Next, edit the config.tcl file. Find the ns_section ending with "nsopenssl/sslcontext/client". Revise the CertFile and KeyFile names to:

ns_param CertFile certfile2.pem
ns_param KeyFile keyfile2.pem

Save the file.

# install nsopenssl
apt-get install aolserver4-nsopenssl

## make key/cert location
cd /etc/openacs
mkdir certs
cd certs

# generate key/certificate (This is a self-signed key)
 openssl rand -out random1 20000
 openssl rand -out random2 20000
 openssl rand -out random3 20000
 openssl genrsa -rand random1:random2:random3 -out keyfile.pem 2048
openssl req -new -x509 -key keyfile.pem -out certfile.pem -days 1095

# make a copy of the key/cert pair, 1 pair per role (users,client)
cp keyfile.pem keyfile2.pem
cp certfile.pem certfile2.pem

# fix permissions
cd ../
chown -R www-data:www-data certs

##restart server

Browse to "https://localhost:8443"

Hopefully, this takes care of the issues you're facing. Please post any issues remaining.

cheers,
Torben

Collapse
8: Re: SSL Installation (response to 7)
Posted by Raul Rodriguez on 12/16/11 05:02 AM
Thank you very much that worked.

The cert directory I created on dotlrn was in:
/etc/dotlrn

Any pointers on how to get email working on the same setup?

Thank You