Cisco Headend System Release 2.7 Installation Guide
Appendix C
SSL Configuration for the LoadPIMS Web Service
114
4036043 Rev B
9 Type the following command and then press Enter to create the necessary link.
ln -s /etc/opt/certs/server.crt cachain.crt
10 Is client authentication required on this system?
If yes, type
cp server.crt cacert.pem
and then press Enter.
If no, comment out in the ssl.conf file the line that includes SSL VerifyClient.
11 Type
ps -ef | grep apache2
and then press Enter to verify the Apache2
process is running with SSL.
Example: A message similar to the following should appear:
Example: A message similar to the following should appear:
dncs 18058 18054 0 00:45:45 ? 0:00
/usr/apache2/bin/httpd -k start -DSSL
root 18054 1 0 00:45:44 ? 0:03 /usr/apache2/bin/httpd -
k start -DSSL
12 Type the following command and then press Enter to verify that SSL processing
is active.
openssl s_client -cipher ADH-RC4-MD5 -connect localhost:443
-state -debug
Example: Output similar to the following should appear:
CONNECTED(00000004)
SSL_connect:before/connect initialization
write to 0008E7D8 [0008EDE8] (46 bytes => 46 (0x2E))
0000 - 80 2c 01 03 01 00 03 00-00 00 20 00 00 18 23 98
.,........ ...#.
0010 -
3
d 9f 16 9f 4c 09 90 92-fe 94 36 81 09 6d e0 b4
=...L.....6..m..
0020 - e1 92 03 52 48 df 2c 57-42 9a 48 f3 98 a1
...RH.,WB.H...
SSL_connect:SSLv2/v3 write client hello A
read from 0008E7D8 [00094348] (7 bytes => 7 (0x7))
0000 - 16 03 01 00 4a 02
....J.
0007 - <SPACES/NULS>
read from 0008E7D8 [0009434F] (72 bytes => 72 (0x48))
0000 - 00 46 03 01 4b 7c 7b a6-99 60 bb 97 1a a6 63 3c
.F..K|{..`....c<
0010 - 86 b0 11 13 a3 8d 53 72-24 aa 68 62 e5 f5 ae 91
......Sr$.hb....
0020 - 80 aa 06 c3 20 49 36 a9-0e fb cf 7a aa 96 c1 21
.... I6....z...!