How to switch the ARC web interface from HTTP (port 8081) to HTTPS (port 443)

Last updated

01:47, 9 Dec 2015
Save as PDF
Share
1. Share
2. Share
3. Tweet
4. Share

Article Type: General
Product: Aleph

Desired Outcome Goal:
Enable SSL encryption for the ARC web interface by switching Apache from HTTP (port 8081) to HTTPS (port 443)

Procedure:
Example:
ARC 2, installed in slot 1 ($arc_dev = /exlibris/crn/arc2_1)
Hostname of ARC server: xyz-arc.hosted.exlibrisgroup.com

(1)
Shut down the ARC application and Apache by entering the following command as UNIX user crn:

$ $arce_root/arc_shutdown

(2)
Ensure that the Apache configuration file $httpd_root/conf/httpd.conf includes the following line:

LoadModule ssl_module /exlibris/crn/arc2_1/product/local/apache/modules/mod_ssl.so

(3)
Ensure that file $httpd_root/conf/ssl.conf points a valid SSL Certificate File, a Key File and a Certificate Chain File:

Example:

SSLCertificateFile /exlibris/crn/arc2_1/arce/apache/SSLconf/conf/arc_server.crt
SSLCertificateKeyFile /exlibris/crn/arc2_1/arce/apache/SSLconf/conf/arc_server.key
SSLCertificateChainFile /exlibris/crn/arc2_1/arce/apache/SSLconf/conf/ca_chain.crt

(4)
Change the file $httpd_root/bin/apachectl_auto as follows:

$ diff apachectl_auto.orig apachectl_auto
3c3
< $httpd_bin/httpd -d $httpd_root
---
> $httpd_bin/httpd -d $httpd_root -DSSL

(5)
Ensure that the file /exlibris/startup/init.dat includes the following lines:

Y:apache:root:httpd:arc2_1:/exlibris/crn/arc2_1:apachectl_auto:apachectl
Y:arc:crn:arc2_1:/exlibris/crn/arc2_1:arc_startup:arc_shutdown

The first line above will start Apache with the privileges of UNIX user root when the ARC server boots.

(6)
Disable the command for starting Apache with the privileges of UNIX user crn in the script $arce_root/arc_startup:

$ diff arc_startup.orig arc_startup
14,15c14,15
< echo "Restarting apache..."
< $httpd_root/bin/apachectl restart
---
> # echo "Restarting apache..."
> # $httpd_root/bin/apachectl restart

(7)
Disable the command for stopping Apache with the privileges of UNIX user crn in the script $arce_root/arc_shutdown:

$ diff arc_shutdown.orig arc_shutdown
12,13c12,13
< echo "Stopping apache..."
< $httpd_root/bin/apachectl stop
---
> # echo "Stopping apache..."
> # $httpd_root/bin/apachectl stop

(8)
Replace the port number 8081 with the port number 443 in the file $arce_root/arc_start:

$ diff arc_start.orig arc_start
33c33
< setenv HTTPD_PORT 8081
---
> setenv HTTPD_PORT 443
34c34
< setenv PDS_PORT 8081
---
> setenv PDS_PORT 443
42c42
< setenv server_httpd "http://xyz-arc.hosted.exlibrisgroup.com:8081"
---
> setenv server_httpd "https://xyz-arc.hosted.exlibrisgroup.com:443"

(9)
Replace the port number 8081 with the port number 443 in the parameters "gateway" and "controllerServerURI" in file $arc_dev/c8/configuration/cogstartup.xml.

These parameters need to be specified as follows:

<crn:parameter name="gateway">
<crn:value xsi:type="xsd:anyURI">https://xyz-arc.hosted.exlibrisgroup.com:443/cognos8/cgi-bin/cognos.cgi</crn:value>
</crn:parameter>

<crn:parameter name="controllerServerURI">
<crn:value xsi:type="xsd:anyURI">https://localhost:443/cognos8/controllerServer</crn:value>
</crn:parameter>

(10)
Create the file $httpd_root/htdocs/index.html with the following contents:

<html>
<head>
<script language="Javascript">
function doLoad ()
{
var loc = "https://xyz-arc.hosted.exlibrisgroup.com:443/cognos8/cgi-bin/cognos.cgi";
window.location.href = loc;
}
</script>
</head>
<body onLoad= "javascript:doLoad();">
</body>
</html>

(11)
Start Apache by entering the following command as UNIX user root:

# /exlibris/crn/arc2_1/arce/apache/bin/apachectl_auto

(12)
Start the Cognos processes of ARC by entering the following command as UNIX user crn:

$ $arce_root/arc_startup

Note:
-----
To stop Apache please enter the following command as UNIX user root:

# /exlibris/crn/arc2_1/arce/apache/bin/apachectl stop

Article last edited: 8/28/2014