Cisco Headend System Release 2.5 Installation Guide
Appendix C
SSL Configuration for the LoadPIMS Web Service
114
4038415 Rev A
Enable the Secure Socket Layer (SSL) with
Apache2
Required Changes to the /etc/apache2/ssl.conf File
The following table shows the SSL configuration properties that are modified in the
ssl.conf file:
ssl.conf file:
SSL Configuration Parameters
ssl.conf variables
SSLCipherSuite
Need to add ADH-RC4-
MD5
MD5
SSLCertificateFile
/etc/opt/certs/server.crt
SSLCertificateKeyFile
/etc/opt/certs/server.key
SSLCertificateChainFile /etc/opt/certs/cachain.crt
The server certificate CA
certificate chain. This file
must contain the entire CA
certificate chain used to
sign the server certificate.
The NSO CA certificate
should be added to this file.
certificate chain. This file
must contain the entire CA
certificate chain used to
sign the server certificate.
The NSO CA certificate
should be added to this file.
SSLCACertificateFile
/etc/opt/certs/cacert.pem
The certificate authority's
certificates should be
placed in here, if certificate-
authentication for the client
is required. This may be
required for the billing
interface (SR 4.5).
certificates should be
placed in here, if certificate-
authentication for the client
is required. This may be
required for the billing
interface (SR 4.5).
The following steps outline the changes required to enable SSL on the DNCS server.
Be sure that you are root user.
1 Follow these instructions to disable the Apache2 service on a Solaris 10 system.
Be sure that you are root user.
1 Follow these instructions to disable the Apache2 service on a Solaris 10 system.
a Type the following command and then press Enter.
svcs -a | grep apache
b Do the results from step a show that the Apache2 service is running (online)?
Example:
online 0:45:44 svc:/network/http:apache2
–
If yes, type the following command and then press Enter.
svcadm disable apache2
–
If no, go to step 2.