Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
vendors:cisco:uc:ece:chatapiserver-redhat [2024/10/31 07:59] – [Unable to start Redis Service] gerardorourkevendors:cisco:uc:ece:chatapiserver-redhat [2025/09/24 13:03] (current) – external edit 127.0.0.1
Line 64: Line 64:
 <code>sudo openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/httpd-tmp.key -x509 -days 30 -out /etc/pki/tls/certs/httpd-tmp.crt</code> <code>sudo openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/httpd-tmp.key -x509 -days 30 -out /etc/pki/tls/certs/httpd-tmp.crt</code>
 Enter the details of your Self Signed Cert - making sure to include the FQDN when asked. Then update the ssl.conf file to utilise this certificate and restart the apache server. Enter the details of your Self Signed Cert - making sure to include the FQDN when asked. Then update the ssl.conf file to utilise this certificate and restart the apache server.
 +
 +File: /etc/httpd/conf.d/ssl.conf
 <code> <code>
 SSLCertificateFile /etc/pki/tls/certs/httpd-tmp.crt SSLCertificateFile /etc/pki/tls/certs/httpd-tmp.crt
 SSLCertificateKeyFile /etc/pki/tls/private/httpd-tmp.key SSLCertificateKeyFile /etc/pki/tls/private/httpd-tmp.key
 </code> </code>
 +
 +  *The Private Key should only be RW by the owner.
 +  *The cert should be be RW for owner and R for Group and Others (chmod 644 httpd_20250115.crt)
  
 === Create a CSR Certificate === === Create a CSR Certificate ===
 Below command saves the CSR file to the /home/user1/ directory. Below command saves the CSR file to the /home/user1/ directory.
-<code>sudo openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/httpd.key -out /home/user1/httpd.csr</code>+the Below also adds two SAN records - update as required (making one the same as the CN which you will fill in when prompted). 
 +<code>sudo openssl req -newkey rsa:2048 -addext "subjectAltName = DNS:myhomename.dmz.example.com, DNS:webchat.example.com" -nodes -keyout /etc/pki/tls/private/httpd.key -out /home/user1/httpd.csr</code>
  
 === Import Signed Cert === === Import Signed Cert ===
Line 224: Line 230:
 </code> </code>
  
 +However below doesn't work for me - as this isn't defined in the RHE9 ?
 +<code>
 +setsebool -P httpd_can_network_redis 1
 +</code>
  
 ====PHP TIPS ==== ====PHP TIPS ====
Line 330: Line 340:
 ===== Enabling .htaccess files ==== ===== Enabling .htaccess files ====
 To enable .htacess files edit the httpd configuration file - **/etc/httpd/conf/httpd.conf**  To enable .htacess files edit the httpd configuration file - **/etc/httpd/conf/httpd.conf** 
-In the default document root section: <code> <Directory "/var/www/html"></code>+In the default document root section: <code> <Directory "/data/sites/web/79pid-2tb-hostingcom/html"></code>
  
 Change the **AllowedOverride None** to **AllowedOverride All** Change the **AllowedOverride None** to **AllowedOverride All**
Line 336: Line 346:
 Default Example: Default Example:
 <code> <code>
-<Directory "/var/www/html">+<Directory "/data/sites/web/79pid-2tb-hostingcom/html">
     Options Indexes FollowSymLinks     Options Indexes FollowSymLinks
     AllowOverride None     AllowOverride None
Line 345: Line 355:
 Updated Config Example: Updated Config Example:
 <code> <code>
-<Directory "/var/www/html">+<Directory "/data/sites/web/79pid-2tb-hostingcom/html">
     Options Indexes FollowSymLinks     Options Indexes FollowSymLinks
     AllowOverride All     AllowOverride All
  • vendors/cisco/uc/ece/chatapiserver-redhat.1730361590.txt.gz
  • Last modified: 2024/10/31 07:59
  • by gerardorourke