How to set up HTTPS For AppLoader?

Follow the below instructions to setup HTTPS on AppLoader or AppsWatch:

The https is supported as of AppLoader, AppsWatch, and ScenarioBuilder version 8.3.7.4 and up. 

1. Get your "private.key" and "certificate.crt" files either through OpenSSL or some other trusted website. To create the two files using the included OpenSSL file:

 a.  Open command line
 b. cd "APPLICATION_PATH/webserv/bin"
 c.  run these commands one after another:
openssl genrsa -aes256 -out private.key 2048
openssl rsa -in private.key -out private.key
openssl req -new -x509 -nodes -sha1 -key private.key -out certificate.crt -days 36500 -config "APPLICATION_PATH/webserv/conf/openssl.cnf"

2. Copy the "private.key" and "certificate.crt" files from "APPLICATION_PATH/webserv/bin" folder into "APPLICATION_PATH/webserv/conf/ssl" folder (create ssl folder if missing)

3. Download and Copy the attached file "httpd-ssl.conf" file into "APPLICATION_PATH/webserv/conf/extra" folder (create the "extra" folder if missing)

4. Edit the file "httpd-ssl.conf" and make sure that the file has the correct values in it:

Listen 443

SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4

SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin

<VirtualHost _default_:443>
DocumentRoot "APPLICATION_PATH/apps"
ServerName SERVER_NAME:443
ServerAdmin ADMIN_EMAIL_ADDRESS
ErrorLog "APPLICATION_PATH/webserv/logs/error.log"

SSLEngine on

SSLCertificateFile "APPLICATION_PATH/webserv/conf/ssl/certificate.crt"
SSLCertificateKeyFile "APPLICATION_PATH/webserv/conf/ssl/private.key"
</VirtualHost>

5. Edit "APPLICATION_PATH/webserv/conf/httpd.conf" file

  • Add # before Listen 8888 to comment out the line.
  • Add the following lines after "LoadModule authz_core_module modules/mod_authz_core.so":

Include conf/extra/httpd-ssl.conf

LoadModule ssl_module modules/mod_ssl.so

6. Make sure "APPLICATION_PATH/webserv/bin/php.ini" and  "APPLICATION_PATH/webserv/bin/bin/php.ini" files have "extenstion=php_openssl.dll" un-commented. Add the line if missing in the list of extensions.

7. Restart AppLoader (or AppsWatch) Scheduler and WebServer services from Windows Task Manager

8. Add (or uncomment) the following option in vstation.ini (or sstation.ini)

secure=yes

9. In Scenario Builder you should change the following options from Options > Base:

a.  Make sure to add "https://" before the controller address

b.  Make sure that the port number is 443 for the controller 

APPLICATION_NAME = Apploader (or AppsWatch)

APPLICATION_PATH = .../NrgGlobal or Automai/APPLICATION_NAME

Note: If you have differnet names for private.key and/or certificate.crt, or if you have installed AppLoader/AppsWatch in a different directory than the default one, you should edit httpd-ssl.conf file and change SSLCertificateFile and SSLCertificateKeyFile to point to the correct file paths.