Redmineへの接続を常にHTTPSにする
前回はWordPressの管理画面をHTTPSで接続できるようにしたので、今回はRedmineの方もHTTPSにしようということでそのときのメモを。
手順としてもだいたい一緒で、証明書を作ってApacheの設定をうまい具合にやるだけ。適当なディレクトリ(/etc/apache2/ssl)で以下のコマンドを打ち込んで公開鍵証明書と秘密鍵を作成。
openssl genrsa -aes128 1024 > redmine.key openssl req -new -key redmine.key > redmine.csr openssl x509 -in redmine.csr -days 365 -req -signkey redmine.key > redmine.crt mv redmine.key redmine.key.bk openssl rsa -in redmine.key.bk > redmine.key
Apacheの設定を追加。
<VirtualHost *:80> ServerName redmine.example.com ServerSignature Off RewriteEngine On RewriteCond "%{SERVER_PORT}" "^80$" RewriteRule "^(.*)$" "https://%{SERVER_NAME}$1" [R,L] </VirtualHost> <VirtualHost *:443> ServerName redmine.example.com DocumentRoot /usr/local/redmine/public SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/apache2/ssl/redmine.crt SSLCertificateKeyFile /etc/apache2/ssl/redmine.key Header onsuccess append Cache-Control public ExpiresActive On <FilesMatch "\.(txt|css|js|jpeg|jpg|png|gif)$> ExpiresDefault "access plus 3 days" </FilesMatch> <Directory /usr/local/redmine/public> # This relaxes Apache security settings. #AllowOverride all AllowOverride none # MultiViews must be turned off. Options -MultiViews </Directory> ErrorLog ${APACHE_LOG_DIR}/rm-error-ssl.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/rm-access-ssl.log combined env=!no_log RailsBaseURI / </VirtualHost>
これでhttp://〜でアクセスしても、https://~に飛んでくれます。
参考