Enabeling HTTPS on RHEL 7

pim · March 31, 2020, 1:01pm

Hi there,

I’m having difficulties enabling HTTPS on RHEL 7.
according to https://checkmk.com/cms_omd_https.html I should find a virtual host configuration in welcome.conf but there isn’t

This is the content of welcome.conf:
<LocationMatch “^/+$”>
Options -Indexes
ErrorDocument 403 /.noindex.html

<Directory /usr/share/httpd/noindex>
AllowOverride All
Require all granted

Alias /.noindex.html /usr/share/httpd/noindex/index.html

I put the rewriteengine part of the config in there but it did not do anything

In which file should i put this rewrite config?

help is much appreciated

mace · March 31, 2020, 3:03pm

Try a config like this

# /etc/httpd/conf.d/monitoring.domain.com

<VirtualHost *:80>
 ServerAdmin monitoring-admin@domain.com
 DocumentRoot /var/www/html
 ServerName monitoring.domain.com
 Include /omd/apache/*.conf
 RewriteEngine On
 RewriteCond %{SERVER_PORT} !^443$
 RewriteRule (.*) https://%{HTTP_HOST}/$1 [L]
 RequestHeader set X-Forwarded-Proto "https"
</VirtualHost>
<VirtualHost *:443>
 ServerAdmin monitoring-admin@domain.com
 DocumentRoot /var/www/html
 ServerName monitoring.domain.com
 SSLEngine on
 SSLCertificateFile      /etc/ssl/monitoring.domain.com.crt
 SSLCertificateChainFile /etc/ssl/monitoring.domain.com.chain
 SSLCertificateKeyFile   /etc/ssl/monitoring.domain.com.key
 Include /omd/apache/*.conf
</VirtualHost>

SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder     off

maybe you have to remove the welcome.conf

pim · April 1, 2020, 12:54pm

Thanks Mace that was it

system · May 1, 2020, 10:54pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.