During research on how to setup an Open-Source SMS Gateway on a Raspberry PI, I needed to switch the default protocol used by playsms to the more secure https (SSL). (For WebServices use, see article ManageEngine AD Self Service Plus Custom SMS Gateway)
Here’s how I did it :
Enable SSL for the Apache playsms vhost
If not done yet, you must load the SSL Module for Apache2 :
sudo a2enmod ssl
Warning!
Do not forget to restart Apache 2 ! (sudo service apache2 restart)Get SSL Certificate for my domain.
I recommend using Let’s Encrypt.
They have a very complete documentation on how to get an SSL Certificate, I’m not going to cover it in this post.
Adapt the Apache vhost config file to serve content over https
Edit your Apache2 Vhost Config File (typically /etc/apache2/sites-enabled/000-default.conf) to look like this :
<VirtualHost *:80>
ServerAdmin mail@admin.org
ServerName your.url
DocumentRoot /var/www/html/playsms
<Location />
Require all granted
Redirect 301 / https://your.url/
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName your.url
ServerAdmin mail@admin.org
DocumentRoot /var/www/html/playsms
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
SSLCertificateFile /path/to/your/ssl/certificate.crt
SSLCertificateKeyFile /path/to/your/ssl/certificate.key
SSLCertificateChainFile /path/to/your/ssl/certificatechain.crt
</VirtualHost>
In the first part (<VirtualHost *:80>), we are setting up a permanent 301 redirect. If you hit http://your.url you are instantly being redirected to https://your.url
Warning!
Do not forget to reload Apache 2 ! (sudo service apache2 reload)Adapt playsms to behave correctly
In playsms, navigate to “Settings” -> “Main Configuration”
Here, change the Main website URL to use https://
In /var/www/html/playsms (or where-ever you choose to put your playsms installation), edit the file config.php :
Change
// are we using http or https ? the default is using http instead https
$core_config['ishttps'] = false;
to
// are we using http or https ? the default is using http instead https
$core_config['ishttps'] = true;
Rezent Kommentare