Cisco Headend System Release 2.7 Guide De Montage
Appendix C
SSL Configuration for the LoadPIMS Web Service
110
4038415 Rev A
Configure the WS-BOSS Directives
This configuration step is optional and is only required if access to the WS-BOSS
interface is desired. The WS-BOSS configuration is performed through the
/etc/apache2/conf/boss.http file Note that in systems older than SR 4.5, the
WS-BOSS configuration is maintained in the rpcserver.conf file. If your system has
the rpcserver.conf file, follow these steps.
1 Comment out the following lines in rpcserver.conf file:
interface is desired. The WS-BOSS configuration is performed through the
/etc/apache2/conf/boss.http file Note that in systems older than SR 4.5, the
WS-BOSS configuration is maintained in the rpcserver.conf file. If your system has
the rpcserver.conf file, follow these steps.
1 Comment out the following lines in rpcserver.conf file:
#ProxyPass /dncs/soap/bossreq
http://localhost:18084/dncs/soap/bossreq
http://localhost:18084/dncs/soap/bossreq
#ProxyPassReverse /dncs/soap/bossreq
http://localhost:18084/dncs/soap/bossreq
http://localhost:18084/dncs/soap/bossreq
2 Use a text editor to create the /etc/apache2/conf/boss.http file with the
following directives:
<Location /dncs/soap/bossreq>
# The SSL configuration is not supported prior to 4.5
#SSLVerifyClient require
#SSLVerifyDepth 5
ProxyPass http://localhost:18084/dncs/soap/bossreq
ProxyPassReverse http://localhost:18084/dncs/soap/bossreq
# The following directives will not be present after 4.5 as
client-cert
# authentication will be used. This should be present if
client access to WS-BOSS
# over HTTP is required.
Order Deny,Allow
Allow from localhost
Allow from dncs
Allow from appservatm
#Allow from client_ip
Deny from all
</Location>
Note: Requests to these relative URLs will be defined unless an allow is
specifically added to allow a client to connect to the Apache server. The
following procedure, Configure Client IP Addresses for the loadPIMS Service,
details how to add a client's IP address to the list of IP addresses allowed to
connect to the DNCS web services.
specifically added to allow a client to connect to the Apache server. The
following procedure, Configure Client IP Addresses for the loadPIMS Service,
details how to add a client's IP address to the list of IP addresses allowed to
connect to the DNCS web services.