Configuration of Apache for use with SSL
Posted by Donna DeEulio on 21 September 2010 04:44 PM
This document describes how to set up Apache to use SSL with GO!NotifyLink (GO!NL).
1. Install Apache
A 2.2.x version of Apache should be used with GO!NL. Be sure to download and install the one labeled “Win32 Binary including OpenSSL”.
2. Install GO!NotifyLink
3. Configure Apache to use SSL
a. Open the Apache configuration file (default location C:\Program Files\Apache Software Foundation\Apache2.2\conf\httpd.conf).
b. Search for “ssl_module”.
c. Remove the ‘#’ from the beginning of the line.
d. Search for “httpd-ssl.conf”.
e. Remove the ‘#’ from the beginning of the line.
f. Save the httpd.conf file.
4. Copy the Server Certificate and Server Private Key
A certificate signed by a trusted CA can be used, or a self-signed certificate can be generated. This document assumes that the Server Certificate file is named server.crt and the Server Private Key file is named server.key.
To generate a self-signed certificate, follow these steps:
a. From the command line, change to the Apache bin directory (default location C:\Program Files\Apache Software Foundation\Apache2.2\bin).
b. Run the following command to generate the certificate signing request. Note that when prompted for the Common Name, the domain name for the web server should be used.
c. Run the following command to remove the passphrase from the private key. This is done so the passphrase does not need to be entered any time Apache is started. Note that the server.key file that is generated should be secured properly.
d. Run the following command to generate the self-signed certificate. The certificate will expire after one year. To change how long it is valid, adjust the number following -days appropriately.
e. The server.crt and server.key files generated will be in the Apache bin directory.
Whether a trusted certificate or a self-signed certificate is used, the server.crt and server.key files should be copied to the Apache conf directory (default location C:\Program Files\Apache Software Foundation\Apache2.2\conf).
5. Edit the GO!NL nl.conf file
a. Back up the existing GO!NL nl.conf file (default location C:\Program Files\NotifyLink Enterprise Server\nl.conf).
b. Open the GO!NL nl.conf file in Notepad.
c. Update the contents of the file to the following.
Note that this assumes GO!NL was installed to C:\Program Files\NotifyLink Enterprise Server and Apache was installed to C:\Program Files\Apache Software Foundation\Apache2.2. The directories below will need to be updated if either was installed to another location, making sure to use / instead of \ in the path.
Also note that INTERNALADDRESS should be replaced with the internal server address, and EXTERNALADDRESS should be replaced with the external server address.
NameVirtualHost INTERNALADDRESS:80
NameVirtualHost INTERNALADDRESS:443
<VirtualHost INTERNALADDRESS:80>
ServerName INTERNALADDRESS:80
ServerAlias INTERNALADDRESS:80
DocumentRoot "C:/Program Files/NotifyLink Enterprise Server/web/"
ErrorLog "|\"C:/Program Files/Apache Software Foundation/Apache2.2/bin/rotatelogs.exe\" \"C:/Program Files/NotifyLink Enterprise Server/logs/apache.%Y-%m-%d.error\" 86400"
CustomLog "|\"C:/Program Files/Apache Software Foundation/Apache2.2/bin/rotatelogs.exe\" \"C:/Program Files/NotifyLink Enterprise Server/logs/apache.%Y-%m-%d.access\" 86400" common
</VirtualHost>
#NameVirtualHost EXTERNALADDRESS
<VirtualHost EXTERNALADDRESS:80>
ServerName EXTERNALADDRESS:80
ServerAlias EXTERNALADDRESS:80
DocumentRoot "C:/Program Files/NotifyLink Enterprise Server/web/"
ErrorLog "|\"C:/Program Files/Apache Software Foundation/Apache2.2/bin/rotatelogs.exe\" \"C:/Program Files/NotifyLink Enterprise Server/logs/apache.%Y-%m-%d.error\" 86400"
CustomLog "|\"C:/Program Files/Apache Software Foundation/Apache2.2/bin/rotatelogs.exe\" \"C:/Program Files/NotifyLink Enterprise Server/logs/apache.%Y-%m-%d.access\" 86400" common
</VirtualHost>
<IfModule ssl_module>
<VirtualHost INTERNALADDRESS:443>
ServerName INTERNALADDRESS:443
ServerAlias INTERNALADDRESS:443
DocumentRoot "C:/Program Files/NotifyLink Enterprise Server/web/"
ErrorLog "|\"C:/Program Files/Apache Software Foundation/Apache2.2/bin/rotatelogs.exe\" \"C:/Program Files/NotifyLink Enterprise Server/logs/apache.%Y-%m-%d.error\" 86400"
CustomLog "|\"C:/Program Files/Apache Software Foundation/Apache2.2/bin/rotatelogs.exe\" \"C:/Program Files/NotifyLink Enterprise Server/logs/apache.%Y-%m-%d.access\" 86400" common
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.crt"
SSLCertificateKeyFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.key"
</VirtualHost>
<VirtualHost EXTERNALADDRESS:443>
ServerName EXTERNALADDRESS:443
ServerAlias EXTERNALADDRESS:443
DocumentRoot "C:/Program Files/NotifyLink Enterprise Server/web/"
ErrorLog "|\"C:/Program Files/Apache Software Foundation/Apache2.2/bin/rotatelogs.exe\" \"C:/Program Files/NotifyLink Enterprise Server/logs/apache.%Y-%m-%d.error\" 86400"
CustomLog "|\"C:/Program Files/Apache Software Foundation/Apache2.2/bin/rotatelogs.exe\" \"C:/Program Files/NotifyLink Enterprise Server/logs/apache.%Y-%m-%d.access\" 86400" common
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.crt"
SSLCertificateKeyFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.key"
</VirtualHost>
</IfModule>
<Directory "C:/Program Files/NotifyLink Enterprise Server/web/">
Options FollowSymLinks MultiViews
AllowOverride AuthConfig
Order allow,deny
Allow from all
DirectoryIndex index.html index.php
</Directory>
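The SSLCipherSuite value used in both port 443 virtual hosts above can be checked for weak cipher classes before the file is deployed. The following Python script is an added example, not part of the original article or of GO!NotifyLink; its function names, its simplified model of OpenSSL cipher-string rules and the sample text are assumptions made for illustration.

```python
import re

# Weak cipher classes tracked by this coarse model (OpenSSL cipher-string names).
WEAK = {"EXP", "LOW", "RC4", "SSLv2", "eNULL"}

def weak_classes_enabled(cipher_string):
    """Weak classes left enabled by an SSLCipherSuite value (simplified model:
    bare token adds, '!'/'-' remove, leading '+' only reorders, and ALL covers
    everything except eNULL; an assumption of this example, not a full parser)."""
    enabled, banned = set(), set()
    for token in re.split(r"[:, ]+", cipher_string.strip()):
        if not token or token[0] in "+@":
            continue  # '+X' and '@STRENGTH' reorder; they never add ciphers
        if token[0] in "!-":
            if token[1:] in WEAK:  # a subset such as EXPORT56 leaves EXP enabled
                enabled.discard(token[1:])
                if token[0] == "!":
                    banned.add(token[1:])  # '!' also blocks later re-adding
            continue
        added = WEAK - {"eNULL"} if token == "ALL" else set(token.split("+")) & WEAK
        enabled |= added - banned
    return sorted(enabled)

def audit_vhosts(conf_text):
    """Map each <VirtualHost> address to the weak classes its cipher line allows."""
    findings, vhost = {}, "(global)"
    for line in map(str.strip, conf_text.splitlines()):
        opened = re.match(r"<VirtualHost\s+([^>]+)>", line, re.I)
        cipher = re.match(r"SSLCipherSuite\s+(\S+)", line, re.I)
        if opened:
            vhost = opened.group(1).strip()
        elif line.lower().startswith("</virtualhost"):
            vhost = "(global)"
        elif cipher:
            findings[vhost] = weak_classes_enabled(cipher.group(1).strip('"'))
    return findings

# Constructed sample: the page's cipher line, plus a tightened one for contrast.
SAMPLE = """
<VirtualHost INTERNALADDRESS:443>
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
</VirtualHost>
<VirtualHost EXTERNALADDRESS:443>
SSLCipherSuite HIGH:!aNULL:!MD5
</VirtualHost>
"""

if __name__ == "__main__":
    print(audit_vhosts(SAMPLE))
```

In this model the page's string still allows export-grade, LOW, RC4 and SSLv2 suites, because the trailing `+` tokens only reorder them and `!EXPORT56` removes just part of the export class. A tighter setting in common use is `SSLCipherSuite HIGH:!aNULL:!MD5` together with `SSLProtocol all -SSLv2 -SSLv3`.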