SSL encryption for kOOL

You should be using SSL encryption for your kOOL installation, to protect your data on its journey through the network/internet.

The details of installing and handling an SSL encrypted webpage is beyond the scope of this instructions. Check the documentations and mailinglist of your webserver. For apache you find some information on www.modssl.org

SSL certificates

You can use any SSL certificates, you can buy from Thawte, VeriSign etc. But you can also create and sign your own server certificates. A good documentation on how to do this can be found here:

www.debian-administration.org/articles/284

SSL with mod_ssl for apache

If you use mod_ssl for apache, the following hints and configurations might be helpful to you.

SSL with virtual hosts

If you can't or don't want to assign a separate ip to every kOOL installation on your server, you can still use SSL encryption for every virtual host by using different ports. The following configuration shows a possible setup with a permanent redirect to the https url.

 

Make apache listen on port 80 AND 1443

Listen 80

<IfModule mod_ssl.c>
  Listen 1443

</ifModule>

 

Add a permanent redirect to the https url

<VirtualHost ip.of.your.server:80>
  ServerName your.kool.com
  Redirect permanent / https://your.kool.com:1443
</VirtualHost>

 

Add the SSL settings to your virtual host configuration

<IfModule mod_ssl.c>
  <VirtualHost ip.of.your.server:1443>
    ServerAdmin webmaster@your.kool.com
    DocumentRoot /var/www/kOOL_demo
    ServerName your.kool.com
    ScriptAlias /fileshare/cgi/ /var/www/kOOL_demo/fileshare/cgi/

    SSLEngine on
    SSLCertificateFile /etc/apache/ssl.crt/kOOL-demo.cert.pem
    SSLCertificateKeyFile /etc/apache/ssl.key/kOOL-demo.key.pem

  </VirtualHost>

</IfModule>