View Issue Details

IDProjectCategoryView StatusLast Update
0001254bareos-core[All Projects] webuipublic2020-06-30 10:30
ReporterScorpionking83Assigned Toarogge 
PriorityhighSeveritytweakReproducibilityN/A
Status closedResolutionno change required 
PlatformLinuxOSCentOSOS Version7
Product Version19.2.7 
Fixed in Version 
Summary0001254: Enable https function for bareos webui
DescriptionDear sir or madam,

I want to configure https function for bareos webui, but in your manual is not clear how to do this.
I use bareos version 20.0

Can you help me.
Steps To ReproduceSteps I have taken:
1. yum install mod_ssl openssl
2. Create a ssl key and .csr file for certificate requist.
3. From my CA I got a certificate file and imported in '/etc/pki/tls/certs' and the key file is located in '/etc/pki/tls/private/'
4. I altered the ssl.conf file in '/etc/httpd/conf.d/' with the following information:
SSLCertificateFile /etc/pki/tls/certs/*.crt
SSLCertificateKeyFile /etc/pki/tls/private/*.key
5. Then I edit 'httpd.conf' file in '/etc/httpd/conf/' director
ServerName 127.0.0.1:80 {This the localhost because the host is not configured in dns server. It is for testing}

# Adtional security measures enabled #
#ServerSignature disabled
ServerSignature Off
ServerTokens Prod

#Disable trace & tracking function
TraceEnable off

6. httpd restart, but nothing works. Only http works.


Additional InformationAlso I need to enable the following module:
<IfModule mod_headers.c>

Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"

</IfModule>

where can I put this, because I did put it in bareos-webui.conf file and restart the httpd service and still no https function.

And in '/etc/httpd/conf.d' I see a file named 'bareos-webui.conf':
#
# Bareos WebUI Apache configuration file
#

# Environment Variable for Application Debugging
# Set to "development" to turn on debugging mode or
# "production" to turn off debugging mode.
<IfModule env_module>
        SetEnv "APPLICATION_ENV" "production"
</IfModule>

Alias /bareos-webui /usr/share/bareos-webui/public

<Directory /usr/share/bareos-webui/public>

        Options FollowSymLinks
        AllowOverride None

        # Following module checks are only done to support
        # Apache 2.2,
        # Apache 2.4 with mod_access_compat and
        # Apache 2.4 without mod_access_compat
        # in the same configuration file.
        # Feel free to adapt it to your needs.

        # Apache 2.2
        <IfModule !mod_authz_core.c>
                Order deny,allow
                Allow from all
        </IfModule>

        # Apache 2.4
        <IfModule mod_authz_core.c>
                <IfModule mod_access_compat.c>
                    Order deny,allow
                </IfModule>
                Require all granted
        </IfModule>

        <IfModule mod_rewrite.c>
                RewriteEngine on
                RewriteBase /bareos-webui
                RewriteCond %{REQUEST_FILENAME} -s [OR]
                RewriteCond %{REQUEST_FILENAME} -l [OR]
                RewriteCond %{REQUEST_FILENAME} -d
                RewriteRule ^.*$ - [NC,L]
                RewriteRule ^.*$ index.php [NC,L]
        </IfModule>

        <IfModule mod_php5.c>
                php_flag magic_quotes_gpc off
                php_flag register_globals off
        </IfModule>

        <IfModule mod_headers.c>
                Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
        </IfModule>

</Directory>

TagsNo tags attached.
bareos-master: impact
bareos-master: action
bareos-19.2: impact
bareos-19.2: action
bareos-18.2: impact
bareos-18.2: action
bareos-17.2: impact
bareos-17.2: action
bareos-16.2: impact
bareos-16.2: action
bareos-15.2: impact
bareos-15.2: action
bareos-14.2: impact
bareos-14.2: action
bareos-13.2: impact
bareos-13.2: action
bareos-12.4: impact
bareos-12.4: action

Activities

Scorpionking83

Scorpionking83

2020-06-19 12:20

reporter   ~0004011

Last edited: 2020-06-26 13:40

View 4 revisions

I have solve the first problem, I was forgotten to open a port.

Second problem is to allow only https request with httpd service and not http, have anyone an idea?

arogge

arogge

2020-06-30 10:30

developer   ~0004015

Configuring HTTPS on Apache HTTPd is out of scope for the currentl documentation.
If you know how to configure this correctly, feel free to open a PR for the documentation.

If you need assistance with this, please try the mailing-list. Thank you!

Issue History

Date Modified Username Field Change
2020-06-19 08:43 Scorpionking83 New Issue
2020-06-19 12:20 Scorpionking83 Note Added: 0004011
2020-06-19 13:47 Scorpionking83 Note Edited: 0004011 View Revisions
2020-06-26 06:56 Scorpionking83 Note Edited: 0004011 View Revisions
2020-06-26 13:40 Scorpionking83 Note Edited: 0004011 View Revisions
2020-06-30 10:30 arogge Assigned To => arogge
2020-06-30 10:30 arogge Status new => resolved
2020-06-30 10:30 arogge Resolution open => no change required
2020-06-30 10:30 arogge Note Added: 0004015
2020-06-30 10:30 arogge Status resolved => closed