Cisco Headend System Release 2.5 Installation Guide
Enable the Secure Socket Layer (SSL) with Apache2
4036043 Rev B
111
Enable the Secure Socket Layer (SSL) with
Apache2
Required Changes to the /etc/apache2/ssl.conf File
The following table shows the SSL configuration properties that are modified in the
ssl.conf file:
ssl.conf file:
SSL Configuration Parameters
ssl.conf variables
ssl.conf variables
SSLCipherSuite
Need to add
ADH-RC4-MD5
ADH-RC4-MD5
SSLCertificateFile
/etc/opt/certs/server.crt
SSLCertificateKeyFile
/etc/opt/certs/server.key
SSLCertificateChainFile /etc/opt/certs/cachain.crt The server certificate CA
certificate chain. This file
must contain the entire CA
certificate chain used to
sign the server certificate.
The NSO CA certificate
should be added to this file.
must contain the entire CA
certificate chain used to
sign the server certificate.
The NSO CA certificate
should be added to this file.
SSLCACertificateFile
/etc/opt/certs/cacert.pem The certificate authority's
certificates should be
placed in here, if certificate-
authentication for the client
is required. This may be
required for the billing
interface (SR 4.5).
placed in here, if certificate-
authentication for the client
is required. This may be
required for the billing
interface (SR 4.5).
The following steps outline the changes required to enable SSL on the DNCS server.
Be sure that you are root user.
1 Follow these instructions to disable the Apache2 service on a Solaris 10 system.
Be sure that you are root user.
1 Follow these instructions to disable the Apache2 service on a Solaris 10 system.
a Type svcs -a | grep apache and then press Enter.
b Do the results from step a show that the Apache2 service is running (online)?
b Do the results from step a show that the Apache2 service is running (online)?
Example:
online 0:45:44 svc:/network/http:apache2
–
If yes, type svcadm disable apache2 and then press Enter.
–
If no, go to step 2.