Versions Compared

Old Version 2

changes.mady.by.user Nadja Pollard

Saved on

compared with

New Version Current

changes.mady.by.user Nadja Pollard

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Generate or obtain a server certificate

  • You can purchase a recognized certificate from a vendor such as Verisign or Thawte .
  • Alternately, you can generate your own non-recognized certificate. A non-recognized certificate is one that does not come from a certificate-issuing authority. To generate a non-recognized certificate, download and install the  OpenSSL software . OpenSSL binaries for Windows can be obtained from Shining Light Productions .
  • Once OpenSSL is installed, enter the following commands (changing <openssl_dir> to the proper path for the OpenSSL installation directory) at the command line to generate the certificate key.
    Code Block
    languagesql
    cd <openssl_dir>/bin
openssl req -new -x509 -newkey rsa:4096 -nodes -out uptime_ssl_server.crt -keyout uptime_ssl_server.

...

  • key

Working with wildcard certs / pfx certs

...

  1. Run the following command to export the private key:
    openssl pkcs12 -in certname.pfx -nocerts -out uptime_ssl_key.pem –nodes
  2. Run the following command to export the certificate:
    openssl pkcs12 -in certname.pfx -nokeys -out uptime_ssl_cert.pem
  3. Run the following command to remove the passphrase from the private key:
    openssl rsa -in uptime_ssl_key.pem -out uptime_ssl_server.key
  4. Run the following command to produce the cert file
    openssl pkcs12 -in certname.pfx -clcerts -nokeys -out uptime_ssl_server.crt

Move the files to the UIM directory

Copy the following files to the <uptime_dir>/apache/conf directory where <uptime_dir> is the installation directory of Uptime UIM (the default installation directory is C:\Program Files\uptime software\uptime on Windows and /usr/local/uptime on Linux).

  • uptime_ssl_server.key
  • uptime_ssl_server.crt

Update httpd.conf

The following changes to the web server configuration file (httpd.conf) will allow it to use SSL.

Open <uptime_dir>/apache/conf/httpd.conf for editing. Where <uptime_dir> appears below, change it to reflect the directory where you have Uptime UIM installed (ex. c:/Program Files/uptime software/uptime). All path slashes in httpd.conf need to be forward slashes (rather than the usual backslash that is used in Windows).

...

Finally, the last part is to add entries in httpd.conf that will rewrite the requests as HTTPS. At the bottom of the httpd.conf file, add these lines, changing <uptime_dir> to the directory of your Uptime UIM installation.  Please note that the following example uses a specific list of ciphers.  You can change the list of ciphers according to your security requirements.

...

For the changes to take effect, restart the Uptime Web Server on Windows or uptime_httpd on Linux.