Changes in f9bad95: Created ssl support (markdown)

				wiki/ssl-support.md
			
          @@ -0,0 +1,42 @@

          +# Supporting HTTPS / SSL

          +

          +On sapsailing.com, we have a security certificate installed. For root users its key is visible at `/etc/pki/tls/private/star_sapsailing_com.key`. The certicicate is at `/etc/pki/tls/certs/star_sapsailing_com.crt`. To enable SSL on a server, the module `mod_ssl` needs to be installed. Use ``yum install mod_ssl``.

          +

          +When this is done, the server can use the following sequence of directives inside a &lt;VirtualHost&gt; element:

          +

          +<pre>

          +        SSLEngine  On

          +        SSLCertificateFile /etc/pki/tls/certs/star_sapsailing_com.crt

          +        SSLCertificateKeyFile /etc/pki/tls/private/star_sapsailing_com.key

          +</pre>

          +

          +A full-blown &lt;VirtualHost&gt; element in a rewrite macro in `000-macros.conf` then could look like this:

          +

          +```

          +<Macro Event-SSL $HOSTNAME $EVENTUUID $IP $PORT>

          +    <VirtualHost *:443>

          +        ServerName $HOSTNAME

          +

          +        SSLEngine  On

          +        SSLCertificateFile /etc/pki/tls/certs/star_sapsailing_com.crt

          +        SSLCertificateKeyFile /etc/pki/tls/private/star_sapsailing_com.key

          +

          +        Use Headers

          +

          +        RewriteEngine on

          +

          +        RewriteCond %{REQUEST_URI} "^(/)?$"

          +        RewriteRule ^(/)?$ "https://$HOSTNAME/gwt/Home.html?%{QUERY_STRING}#/event/:eventId=$EVENTUUID" [L,NE]

          +

          +        Use Rewrite $IP $PORT

          +    </VirtualHost>

          +</Macro>

          +```

          +

          +It can then be used inside the `001-events.conf` file like this

          +

          +```

          +Use Event-SSL ssltest.sapsailing.com "f8087b3c-c641-4fda-bf8d-0bc2abe09e40" 172.31.22.239 8888

          +```

          +

          +Keep in mind that the certificate we have only is valid for `*.sapsailing.com` which does not include 2nd-level sub-domains such as a.b.sapsailing.com.

          \ No newline at end of file

...	...	@@ -0,0 +1,42 @@
	1	+# Supporting HTTPS / SSL
	2	+
	3	+On sapsailing.com, we have a security certificate installed. For root users its key is visible at `/etc/pki/tls/private/star_sapsailing_com.key`. The certicicate is at `/etc/pki/tls/certs/star_sapsailing_com.crt`. To enable SSL on a server, the module `mod_ssl` needs to be installed. Use ``yum install mod_ssl``.
	4	+
	5	+When this is done, the server can use the following sequence of directives inside a <VirtualHost> element:
	6	+
	7	+<pre>
	8	+ SSLEngine On
	9	+ SSLCertificateFile /etc/pki/tls/certs/star_sapsailing_com.crt
	10	+ SSLCertificateKeyFile /etc/pki/tls/private/star_sapsailing_com.key
	11	+</pre>
	12	+
	13	+A full-blown <VirtualHost> element in a rewrite macro in `000-macros.conf` then could look like this:
	14	+
	15	+```
	16	+<Macro Event-SSL $HOSTNAME $EVENTUUID $IP $PORT>
	17	+ <VirtualHost *:443>
	18	+ ServerName $HOSTNAME
	19	+
	20	+ SSLEngine On
	21	+ SSLCertificateFile /etc/pki/tls/certs/star_sapsailing_com.crt
	22	+ SSLCertificateKeyFile /etc/pki/tls/private/star_sapsailing_com.key
	23	+
	24	+ Use Headers
	25	+
	26	+ RewriteEngine on
	27	+
	28	+ RewriteCond %{REQUEST_URI} "^(/)?$"
	29	+ RewriteRule ^(/)?$ "https://$HOSTNAME/gwt/Home.html?%{QUERY_STRING}#/event/:eventId=$EVENTUUID" [L,NE]
	30	+
	31	+ Use Rewrite $IP $PORT
	32	+ </VirtualHost>
	33	+</Macro>
	34	+```
	35	+
	36	+It can then be used inside the `001-events.conf` file like this
	37	+
	38	+```
	39	+Use Event-SSL ssltest.sapsailing.com "f8087b3c-c641-4fda-bf8d-0bc2abe09e40" 172.31.22.239 8888
	40	+```
	41	+
	42	+Keep in mind that the certificate we have only is valid for `*.sapsailing.com` which does not include 2nd-level sub-domains such as a.b.sapsailing.com.
...	...	\ No newline at end of file