You are here

how to tell if you're SSL-enabled

Submitted by Tom on Thu, 02/02/2012 - 17:34

I'm preparing to do my first Luminis upgrade (heading to 4.3.0.81 I think). As I go through the upgrade manual I came to a section about re-enabling SSL.

My linux admin swear's we're SSL enabled. As I look at what the instructions say to do to re-enable after the upgrade and compare that to my production system, I don't think we are.

The manual says to

configman -g web.secure.access.config

And to expect 3 lines. I have just one:

/opt/luminis/webapps/luminis/WEB-INF/config/websecure.email.xml

We're not using the built in email, we've got an SSO to gmail.

The url for luminis is http, not https.

Is there more to being SSL-enabled than just having the https connection? Something the admin who installed the system (who no longer works here) could have done so it was secured but not explicitly https?

What else should I be looking at? I'm not a "web guy", not really even a Linux guy, so don't assume any idea is too basic to mention.

TIA ...

Tom

Luminis Version:

The configman output is correct and there should only be one file listed which is an XML file describing the settings for various nodes or pieces of your site. I'm not familiar with the websecure.email.xml file and exactly what that has secure settings for but to use full SSL settings you should have that configman value set to websecure.all.xml (/opt/luminis/webapps/luminis/WEB-INF/config/websecure.all.xml).

This will require almost all of your requests to come in via HTTPS. We are using parallel deployment with two web tiers behind a load balancer which redirects any HTTP requests to HTTPS.

-Tom