ID #1152

Convert from Http to Https (x64 systems)

Convert the existing Web-Console access from HTTP to SSL (HTTPS)

This Document is for x64 based systems

 

Organizations who want to start using https as the primary mode of connectivity for eScan WMC, should follow these steps:

 

1. Stop eScan-Apache Service using Service Control Window

2. Modify httpd.conf file located at path "C:\program files <x86>\common files\microworld\apache2\conf\httpd.conf"
      Note: Take backup of file before Modifying

      Locate the below mentioned lines in the conf and remove the preceding #
      #LoadModule ssl_module modules/mod_ssl.so
      
3. Modify "C:\program files <x86>\common files\microworld\apache2\conf\apache_escan_vhost.conf"
      Note: Take backup of file before Modifying

      Locate the below mentioned lines in the conf and remove the preceding #
      #SSLPassPhraseDialog  builtin
      #SSLSessionCache none
      #SSLMutex default
      #SSLRandomSeed startup builtin
      #SSLRandomSeed connect builtin
      #SSLEngine on
      #SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
      #SSLCertificateFile bin/ssl/webconsole.cer
      #SSLCertificateKeyFile bin/ssl/webconsole.key
      #SSLCACertificateFile bin/ssl/ca.cer
      #SSLOptions +StdEnvVars

4. Launch Command prompt with Administrator priviliage and go to directory "C:\program files <x86>\common files\microworld\apache2\bin\SSL"
      and check if file webconsole.cer, webconsole.key, ca.cer is created or not during installation

5. If any of the above file is missing you need to regenerate SSL certificate
      Execute/run the file ssl_cert.exe to generate self-signed certificates necessary for SSL from directory "C:\program files <x86>\common files\microworld\apache2\bin"
      
      Note: If ssl_cert.exe file is not present, kindly download from below link
      http://www.microworldsystems.com/download/tools/ssl_cert.exe    
      
6. Pause eScan Protection and go to directory "C:\program files <x86>\eScan")
      Open eserv.ini and change the value of UseHTTPs from "0" to "1" in Config Section.

7. Restart the system

8. Browse to https://localhost:10443 or https://ipaddress:10443 and add the Self-Signed certificate to the ssl-store of the browser.

Tags: http, https, ssl

Related entries:

You can comment this FAQ