Enabling HTTPS in Comstice Wallboard

September 03, 2018
Enabling HTTPS in Comstice Wallboard

This guide explains the steps followed in setting up HTTPS for the Comstice Wallboard server. The steps are straight forward and your experience should be simple.

You need to have:

  • - key file
  • - crt file
  • - root certificate from the CA

Before you start

  • Create an SSL directory
            $ mkdir /opt/ssl
            $ chown -R comstice:comstice  /opt/ssl
  • Copy files into SSL directory via SFTP

Enabling HTTPS in Apache2

        $ vi /etc/apache2/sites-available/default-ssl.conf
        $ i

        Enter the following in the file.
        ServerName example.com
        ServerAlias www.example.com
        SSLEngine on
        SSLCertificateFile      /opt/ssl/certs/example.com.crt
        SSLCertificateKeyFile /opt/ssl/private/example.com.key
        When it's done:
        Enter Esc then :wq (colon write quite)
        $ sudo a2enmod ssl
        $ sudo systemctl restart apache2.service

Modifying Express Settings

        $ cd /opt/www/universal/js
        $ vi setting.js
        $ i

        url: "https://hostname.com:8445", //http://www.uccedemo.co:8080
	    url_page: "https://hostname.com/universal", // Url of Home Page  //http://www.uccedemo.co/universal
	    server_url: "https://hostname.com:2778", //http://www.uccedemo.co:3000

Enabling HTTPS in Express

        $ cd /opt/www/express/bin

In this folder there is already a key file and a crt file. Copy your key and crt files here under the same name i.e. overwrite the existing files. But the filenames must be as before. Also make sure that the files are owned by comstice user

        $ chown -R comstice:comstice /opt/www/express

Enabling HTTPS in Java Dropwizard

  • Concantenate alias certificate and the root certificate from the authority
            $ cat STAR.dev.example.com.crt COMODo_DCS.crt > newbundle.crt
  • Create PKCS12 Keystore
            $ openssl pkcs12 -export -in newbundle.crt -inkey STAR.dev.example.com.key -out keystore.p12 -CAfile temp.crt
  • Convert PKCS12 keystore to JKS
            $ keytool -importkeystore -srckeystore keystore.p12 -destkeystore cacerts/keystore.jks -srcstoretype pkcs12 -deststoretype jks

Updating config.yml

Open the config.yml file and save the following information.

        $ vi /opt/informix/config.yml
        $ i
        Enter the following and save.
        - type: http
            port: 8080
        - type: https
            port: 8445
            keyStorePath: ./keystore/myKeyStore.jks
            keyStorePassword: "myPassword"
            validateCerts: false
            validatePeers: false

        Enter Esc
        :wq (colon write quit to save)

Restart the server and test the https, you must use the hostname of the server such as wallboard.comstice.com and the domain must match the certificate domain https://wb.comstice.com:8445/csqname/allcsqs

        $ service wallboard restart

Join our newsletter for all the news and ideas we are working on

By visiting our site, you agree to use of cookies to enhance your browsing experience. I Agree