securize zm via https

Forum for questions and support relating to the 1.30.x releases only.
Locked
jepide
Posts: 18
Joined: Sun Nov 12, 2017 7:01 am

securize zm via https

Post by jepide »

Hello !
in order to secure ZM I followed 'https://memo-linux.com/securiser-lacces ... ment-84410'.
I got the certificates , created zoneminder.conf in /etc/apache2/site-enabled/, restarted Apache
but the connexion test failed.
zoneminder.conf is:
NameVirtualHost *:443
<virtualhost *:443>
ServerName serverweb.dom
Alias /zm /usr/share/zoneminder
DocumentRoot /usr/share/zoneminder
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
php_flag register_globals off
Options Indexes FollowSymLinks
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>
</virtualhost>

As i am a beginner , I do not understand where they found serverweb.dom.
May be I have to modify the line 'ServerName serverweb.dom' ? Or what else ?

Thanks in advance for your help
bbunge
Posts: 2930
Joined: Mon Mar 26, 2012 11:40 am
Location: Pennsylvania

Re: securize zm via https

Post by bbunge »

You do not have to change any Zoneminder configs. Just look for adding SSL to Apache. Self signed cert procedure is OK.
jepide
Posts: 18
Joined: Sun Nov 12, 2017 7:01 am

Re: securize zm via https

Post by jepide »

Tanks for your answer bbunge

I do have ssl in apache :
jpd@solidrun:~$ a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Module socache_shmcb already enabled
Module ssl already enabled


hereafter /etc/apache2/ports .conf :
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
Listen 80
# <IfModule ssl_module> corrected 25/08/2018
<IfModule mod_ssl.c>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

So, there is another fault, but where ?
bbunge
Posts: 2930
Joined: Mon Mar 26, 2012 11:40 am
Location: Pennsylvania

Re: securize zm via https

Post by bbunge »

ebeng
Posts: 12
Joined: Tue May 28, 2019 6:30 pm

Re: securize zm via https

Post by ebeng »

you have to also REWRITE all the HTTP to HTTPS in the body of the HTML.
+ dont forget to DISABLE gzip, because otherwise your body of your HTML-RESPONSE will be encrypted, such that no REWRITE will be done.
Locked