Environment
Retain 1.x+
SLES 10, 11
Apache 2.x
Situation
What is the proper procedure for setting up mod_ssl on Apache for SLES 10.x and 11.x?
Resolution
1. Create SSL key and signed certificate and place into a directory with root only permissions. Here is a good reference for creating an SSL key/certificate: http://onlamp.com/pub/a/onlamp/2008/03/04/step-by-step-configuring-ssl-under-apache.html
2. In /etc/apache2/vhosts.d, create a copy of vhost-ssl.template and name it as something with a .conf extension (eg. retain-ssl.conf).
3. Open the vhost file you just created and set "SSLCertificateFile" and "SSLCertificateKeyFile" to the path(s) of your key and signed certificate.
Also change the following tag:
to:
4. Open /etc/sysconfig/apache2. In the "APACHE_MODULES" option, make sure ssl is in the list of modules which Apache needs to load.
Also add -DSSL to "APACHE_SERVER_FLAGS":
5. Restart Apache2. To verify it is working, open a browser and go to https://your_server_hostname/RetainServer.
Note:
If case you are using the Retain Plugin for the GroupWise Client, you might see the following error when you hit the Retain button:
After you click on the "OK" button, the Retain Web UI will be opened in a browser, but will show a login error.
In that case, please open the the vhost file, that you created during step 3, again and scroll down to the
Virtual Host section.
Within the line "SSL Protocol" please remove the "-SSLv3" part.
After a restart Apache will support all available options, but not -SSLv2.
Additional Information
This article was originally published in the GWAVA knowledgebase as article ID 1993.