Author Topic: How to secure the CWP panel https  (Read 10577 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
How to secure the CWP panel https
« on: May 09, 2016, 08:58:13 PM »
Can someone explain to me how to secure the CWP panel https://domainname.ext:2031 
with an bought SSL certificate.

Offline
*
Re: How to secure the CWP panel https
« Reply #1 on: May 09, 2016, 10:26:11 PM »
Never mind.

I found out how to do this.

This is what I did.


Code: [Select]
cd /etc/pki/tls/certs/

sr1.domain.ltd is your FQDN

Code: [Select]
nano sr1.domain.ltd.crt
copy all the lines and generate a new SSL from our SSL provider.

empty the file.


Code: [Select]
cat /dev/null > sr1.domain.ltd.crt
insert the new .crt from your ssl provider.

Code: [Select]
nano sr1.domain.ltd.crt
Next

Code: [Select]
nano /usr/local/cwpsrv/conf.d/cwp-ssl.conf
replace server IP with * like this

Code: [Select]
Listen 2031
<VirtualHost 192.168.1.2:2031>
        ServerName 192.168.1.2
        SSLEngine on
   SSLCertificateKeyFile /etc/pki/tls/private/sr1.domain.ltd.key
   SSLCertificateFile /etc/pki/tls/certs/sr1.domain.ltd.crt
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>

To

Code: [Select]
Listen 2031
<VirtualHost *:2031>
        ServerName *
        SSLEngine on
   SSLCertificateKeyFile /etc/pki/tls/private/sr1.domain.ltd.key
   SSLCertificateFile /etc/pki/tls/certs/sr1.domain.ltd.crt
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>

Then restart cwp service like this /etc/init.d/cwpsrv restart

All is working fine now.
« Last Edit: May 09, 2016, 10:34:05 PM by kerfiseining »