Table of Contents
Advertisement
13.5.4 Configuring the Web Access Server for SSL
Communications with Web Browsers
The iFolder 3.x Web Access server requires a secure connection between the user's Web browser
and the Web Access server. The SSL connection supports the secure exchange of data. For most
deployments, this setting should not be changed because iFolder uses HTTP BASIC for
authentication, which means passwords are sent to the server in the clear. Without SSL encryption,
the iFolder data is also sent in the clear.
The following Rewrite parameters control this behavior and are located in the
conf.d/ifolder_web.conf
LoadModule rewrite_module /usr/lib/apache2/mod_rewrite.so
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/ifolder/(.*) https://%{SERVER_NAME}/ifolder/$1 [R,L]
To disable the requirement for SSL connections, you can comment out these Rewrite command lines
in the
ifolder_web.conf
comment.
WARNING: Without an SSL connection, traffic between a user's Web browser and the Web Access
server is not secure.
To disable the SSL requirement:
1 Stop the iFolder Web Access services.
2 Edit the
/etc/apache2/conf.d/ifolder_web.conf
command lines.
For example:
#LoadModule rewrite_module /usr/lib/apache2/mod_rewrite.so
#RewriteEngine On
#RewriteCond %{HTTPS} !=on
#RewriteRule ^/ifolder/(.*) https://%{SERVER_NAME}/ifolder/$1 [R,L]
3 Start the iFolder Web Access services.
13.5.5 Configuring an SSL Certificate for the Web Access
Server
For information, see
"Managing SSL Certificates for Apache" on page
file:
file. Placing a pound sign (
/etc/apache2/
) at the beginning of each line renders it as a
#
file to comment out the Rewrite
197.
Managing an iFolder Web Access Server 161
Advertisement
Table of Contents
