Home
   Inloggen
   Producten
   Resellers
   Ondersteuning
     Browser ondersteuning
     Certificaat vervangen
     Certificate Signing Request
     CSR testen
     Handleidingen
       AEP
       Apache
       Apple
       Barracuda
       BEA
       C2Net
       Cisco
       Citrix
       Cobalt
       Courier
       cPanel
       Cyrus
       DirectAdmin
       DoveCot
       Ensim
       F5
       GlobalScape
       Google
       H-Sphere
       IBM
       Intel
       InterWorx
       Ipswitch
       ISPConfig
       Java
       Kerio
       Lighttpd
       Litespeed
       Lotus
       Mailtraq
       Microsoft
       NETASQ
       Netgear
       Netscreen
       NetWin
       Nortel
       Novell
       Open-Xchange
         Open-Xchange server
           Certificaat installeren
           CSR aanmaken
       OpenSSL
       Parallels
       Plesk
       qmail
       RedHat
       Sendmail
       SonicWall
       Sun
       SUN-Netscape
       Sybase
       Tomcat
       UW-IMAP
       WatchGuard
       WebSite Pro
       WebSTAR
       Zeus
       Zope
   Over ons
   Contact

Het installeren van een certificaat voor Open-Xchange met Apache

 

Change Apache2's config

Modify Apache2-start up configuration: 

# vim /etc/sysconfig/apache2
 default setting:
    APACHE_SERVER_FLAGS=""
 change to:
    APACHE_SERVER_FLAGS="-D SSL"

 add rewrite to APACHE_MODULES:
    APACHE_MODULES="access actions .... jk rewrite"

Create a SSL-certificate

Create a certificate for Apache2. 

# openssl genrsa -out /etc/apache2/ssl.key/ox.key 1024
    Generating RSA private key, 1024 bit long modulus
    ++++....+++.................++++++.....++++++e is 65537 (0x10001)

 # openssl req -new -x509 -days 365 -key /etc/apache2/ssl.key/ox.key -out /etc/apache2/ssl.crt/ox.crt

    You are about to be asked to enter information that will be incorporated
    into your certificate request.
    What you are about to enter is what is called a Distinguished Name or a DN.
    There are quite a few fields but you can leave some blank
    For some fields there will be a default value,
    If you enter '.', the field will be left blank.
    -----
 Country Name (2 letter code) [AU]:DE
 State or Province Name (full name) [Some-State]: Germany, Berlin
 Locality Name (eg, city) []: Berlin
 Organization Name (eg, company) [Internet Widgits Pty Ltd]: OXTester
 Organizational Unit Name (eg, section) []:EDV-WebAdministration
 Common Name (eg, YOUR name) []: PROVIDE YOU OX MACHINE'S FULL URL HERE!
 Email Address []:webmaster[AT_noSpam]domain.tld

Create a config file for OX

Create a separate config file, e.g. '/etc/apache2/conf.d/sslox.conf' 

 <VirtualHost domain.tld:80>
    ServerAlias domain.tld
    ServerAdmin webmaster@domain.tld
    RewriteEngine on
    RewriteRule ^(.*) https://domain.tld$1
 </VirtualHost>

 <VirtualHost _default_:443>
    DocumentRoot "/srv/www/htdocs"
    ServerAlias domain.tld
    ServerAdmin webmaster@domain.tld
    ErrorLog /var/log/apache2/error_log_ssl
    TransferLog /var/log/apache2/access_log_ssl
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /etc/apache2/ssl.crt/ox.crt
    SSLCertificateKeyFile /etc/apache2/ssl.key/ox.key

    <Files ~ ".(cgi|shtml|phtml|php3?)$">
       SSLOptions +StdEnvVars
    </Files>

    <Directory "/srv/www/cgi-bin">
       SSLOptions +StdEnvVars
 </Directory>

    SetEnvIf User-Agent ".*MSIE.*" 
       nokeepalive ssl-unclean-shutdown 
       downgrade-1.0 force-response-1.0
    CustomLog /var/log/apache2/ssl_request_log 
 "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b"
 </VirtualHost>

Change Apache2's config

Create the following file to simplify OX's startup to http://url instead of http://url/cgi-bin/login.pl 

# cd /srv/www/htdocs
 # vim index.html

Use the following file for an automatic redirect:

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
        "http://www.w3.org/TR/REC-html4/loose.dtd">
    <html lang="de">
    <head>
        <!-- Weiterleitung zur OX-Startseite-->
        <META HTTP-EQUIV="Refresh" CONTENT="0; url=/cgi-bin/login.pl">
     </head>
    </html>

Thawte.nl is eigendom en wordt beheerd door Networking4all B.V. De website is ontstaan door een samenwerking met thawte Inc. Buiten de strategische overeenkomsten welke thawte Inc. en Networking4all B.V. onderling hebben gesloten zijn de organisaties volledig van elkaar onafhankelijk. Alle bedragen in euro's en exclusief BTW.