so i have searched everywhere.
i need to setup my otrs instance to be SSL. the only thing making otrs work in apache is otrs.conf
which doesnt have virtualhost wrapper in it to put the SSL information or define a port.
any advice i'd really appreciate it
OTRS 3.2x SSL setup
Moderator: crythias
-
blueharford
- Znuny newbie
- Posts: 16
- Joined: 25 Mar 2013, 23:55
- Znuny Version: 3.2.3
- Real Name: Joshua
OTRS 3.2x SSL setup
OTRS 3.3.5 ITSM 3.3.5 on Amazon Linux(CentOS) with Postgresql database hosted on Amazon RDS.
-
StarDestroyer
- Znuny newbie
- Posts: 20
- Joined: 05 Sep 2013, 22:26
- Znuny Version: 5.0.x
- Real Name: Jake
- Company: Hilite International
Re: OTRS 3.2x SSL setup
This is really a function of the webserver, not OTRS. The only time the app needs to get involved in SSL is if you want authentication to be done over https and everything else over http. If you want everything ever https, just tell the webserver that.
I'm running OTRS installed from an RPM package on CentOS 6. The RPM package put a zzz_otrs.conf file in /etc/httpd/conf.d. This file defines, among other things, a ScriptAlias (/opt/otrs/bin/cgi-bin/) and an Alias (/opt/otrs/var/httpd/htdocs). However, I wanted my OTRS to run under the subdomain of helpdesk.domain.net. On my box, I have many other virtual hosts which I accomplish by creating a vh.something.conf file under /etc/httpd/conf.d. Here's my (somewhat sanitized) vh.helpdesk.conf file:
A couple things to note here.
I'm running OTRS installed from an RPM package on CentOS 6. The RPM package put a zzz_otrs.conf file in /etc/httpd/conf.d. This file defines, among other things, a ScriptAlias (/opt/otrs/bin/cgi-bin/) and an Alias (/opt/otrs/var/httpd/htdocs). However, I wanted my OTRS to run under the subdomain of helpdesk.domain.net. On my box, I have many other virtual hosts which I accomplish by creating a vh.something.conf file under /etc/httpd/conf.d. Here's my (somewhat sanitized) vh.helpdesk.conf file:
Code: Select all
<VirtualHost *:80>
ServerName helpdesk.domain.net
ServerAlias helpdesk
RewriteEngine on
RewriteRule /(.*) https://helpdesk.domain.net/$1 [R]
</VirtualHost>
<VirtualHost *:443>
ServerName helpdesk.domain.net
DocumentRoot /var/www/html
RewriteEngine On
RewriteRule ^/?$ /otrs/customer.pl [R]
SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
</VirtualHost>
- Name based virtual hosts over SSL are not officially supported by Apache. They seem to work in my environment, but make sure you test that.
- There is a config somewhere else that I can't remember off the top of my head for enabling virtual hosts in Apache.
- The /otrs alias is inherited from the zzz_otrs.conf file and works over all virtual hosts. If you don't want that, you could modify the config but it isn't likely to hurt anything.
- Basically what this does is redirects any request that comes in to http://helpdesk or http://helpdesk.domain.net to https://helpdesk.domain.net, thus forcing SSL.
OTRS 5.0.x on CentOS 6 w/MySQL Database