| Configuring Apache as a Forward/Reverse Proxy to a Secured (SSL) Financial Management Web Server [ID 875983.1] | |||||
| Modified 13-JAN-2012 Type HOWTO Status PUBLISHED | |||||
Applies to:
Hyperion Financial Management - Version: 9.3.0.0.00 to 11.1.1.2.00 - Release: 9.3 to 11.1Information in this document applies to any platform.
***Checked for relevance on 13-Jan-2012***
Goal
How to configure Apache as a Forward / Reverse Proxy to a secured (SSL) Financial Management (HFM) web server.Solution
Prerequisites :
- Ensure IIS for HFM is configured with SSL.Test the same using the following URL https://<hfm_web_servername>:<sslportno>/hfm
- Apache should be configured and ensure that it is working with
https://<workspace_web_servername>:19000
The Apache Home Page for 9.3.x and EPM Home page for 11.x should be returned - Download and install OpenSSL (http://www.openssl.org/)
Steps to configure Apache webserver :
- Browse to the /bin directory of the OpenSSL install and convert the CA certificate of IIS from .cer to .pem using the following command:
openssl x509 -in CACertificateName.cer -outform PEM -out CACertificateName.pem - Copy the CACertificateName.pem to the /conf folder underneath the Apache HTTP Server install:
For 9.3.x - ~\Hyperion\common\httpServers\Apache\2.0.52\conf
For 11.x - ~\Hyperion\common\httpServers\Apache\2.0.59\conf - Edit the httpd.conf file in the same directory and add the following lines:
<IfModule mod_proxy.c>
ProxyRequests On
ProxyPass /hfm https://servername/hfm
ProxyPassReverse /hfm https://servername/hfm
SSLProxyEngine On
SSLProxyCACertificateFile conf/CACertificateName.pem
</IfModule> - Restart the Hyperion Apache Service
Testing the configuration :
To test the configuration enter the following URL
http(s)://<workspace_web_servername>:<port>/hfm
instead of
https://<hfm_web_servername>:<sslportno>/hfm
The above link should return a page with the text 'hfm'.
No comments:
Post a Comment