Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS

2017-03-31 Thread Francisco Javier Guel M . 
Hi all.


Regards from México. As Mike said, letsencrypt could work for Evergreen as an 
option.

In a Evergreen testing server for 2.12.0 EG version, I already installed a 
LetsEncrypt certificate and It is working fine.

https://biblos.ipicyt.edu.mx/eg/opac/home


Rgds




Atentamente.
Francisco Javier Guel Mendoza



De: Open-ils-general <open-ils-general-boun...@list.georgialibraries.org> en 
nombre de Mike Rylander <mrylan...@gmail.com>
Enviado: jueves, 30 de marzo de 2017 08:40 a. m.
Para: Evergreen Discussion Group
Asunto: Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS

Hi,

There are several relatively simple services (some entirely
in-browser) that can get certs from Let's Encrypt available at
https://letsencrypt.org/docs/client-options/ .  If have control over
many client options - Let's 
Encrypt<https://letsencrypt.org/docs/client-options/>
letsencrypt.org
Let’s Encrypt uses the ACME protocol to verify that you control a given domain 
name and to issue you a certificate. To get a Let’s Encrypt certificate, you’ll 
...



DNS for your domain, you could set up an external DNS entry for the
name of the internal server and receive a cert, then use internal
(split-brain) DNS to use that name for a private IP and make use of
the cert you generate.  These certs are fairly short-lived, but once
DNS is set up, the update process is easy.

HTH,

--
Mike Rylander
 | President
 | Equinox Open Library Initiative
 | phone:  1-877-OPEN-ILS (673-6457)
 | email:  mi...@equinoxinitiative.org
 | web:  http://equinoxinitiative.org


On Thu, Mar 30, 2017 at 10:19 AM, Josh Stompro
<stomp...@exchange.larl.org> wrote:
> StartSSL shouldn’t be used any more.  They were banned from Chrome and
> Firefox early this year because of reasons including the fact that they were
> silently purchased by a Chinese company, and because they were issuing back
> dated certificates to get around the SHA-1 phase out.  They also allowed
> users to get certificates for main domains if they could certify that they
> had control of subdomains.
>
>
>
> https://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
[https://cdn.arstechnica.net/wp-content/uploads/2016/09/barricade-800x600.jpg]<https://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/>

Firefox ready to block certificate authority that 
...<https://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/>
arstechnica.com
The organization that develops Firefox has recommended the browser block 
digital credentials issued by a China-based certificate authority for 12 months 
after ...



>
>
>
> Josh Stompro - LARL IT Director
>
>
>
> From: Open-ils-general
> [mailto:open-ils-general-boun...@list.georgialibraries.org] On Behalf Of
> Bill Ott
> Sent: Thursday, March 30, 2017 9:10 AM
> To: open-ils-general@list.georgialibraries.org
> Subject: Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS
>
>
>
> For single server implementations, there are also free certificates
> available from organizations like StartSSL.
>
>
>
> On 03/30/2017 10:04 AM, Rogan Hamby wrote:
>
> While SSL on an intranet may not be necessary it still isn't harmful.  I may
> be of a paranoid bent but you can have security issues even on an intranet,
> especially large geographically distributed ones.  And with the increasingly
> punitive behavior of browsers to punish non-encrypted connections in various
> ways (usually with warnings and such) I'd question if it would be easier to
> just implement the SSL for the intranet than try to pass around it.
>
>
>
>
>
>
> Rogan Hamby
>
> Data and Project Analyst
>
> Equinox Open Library Initiative
>
> phone:  1-877-OPEN-ILS (673-6457)
>
> email:  ro...@equinoxinitiative.org
>
> web:  http://EquinoxInitiative.org
>
>
>
> On Thu, Mar 30, 2017 at 10:00 AM, Jason Stephenson <ja...@sigio.com> wrote:
>
> I should add that the staff client requires SSL and there's no easy way
> to chagne that, so you can't completely disable SSL and expect things to
> still function properly.
>
>
>
>
> On 03/30/2017 09:23 AM, Jason Stephenson wrote:
>> Jayaraj,
>>
>> It would be done via the Apache configuration files. You'd move
>> everything from the SSL enabled vhost configurations to the non-SSL
>> vhosts, i.e everything from the port 443 configuration sections to the
>> port 80 configuration. Some of that configuration is duplicated, so only
>> the unique things need to go.
>>
>> There may also be some directives to force SSL on some locations. You'll
>> want to remove those also.
&g

Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS

2017-03-30 Thread Ben Shum 
I'd suggest getting free SSL certificates from Let's Encrypt --
https://letsencrypt.org/

There's been some discussion in the past on this subject on the
Evergreen dev mailing list:
http://list.georgialibraries.org/pipermail/open-ils-dev/2016-June/010153.html

While I'd be curious to see how that would affect a primarily intranet
based Evergreen system (meaning, I think you'd still want to have a
FQDN hostname for your Evergreen system and not a local hostname or IP
address used internally), I think that they offer a good service for
SSL certificates.

I imagine there's plenty more thoughts or suggestions on the subject
since that time.

-- Ben

On Thu, Mar 30, 2017 at 10:19 AM, Josh Stompro
<stomp...@exchange.larl.org> wrote:
> StartSSL shouldn’t be used any more.  They were banned from Chrome and
> Firefox early this year because of reasons including the fact that they were
> silently purchased by a Chinese company, and because they were issuing back
> dated certificates to get around the SHA-1 phase out.  They also allowed
> users to get certificates for main domains if they could certify that they
> had control of subdomains.
>
>
>
> https://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>
>
>
> Josh Stompro - LARL IT Director
>
>
>
> From: Open-ils-general
> [mailto:open-ils-general-boun...@list.georgialibraries.org] On Behalf Of
> Bill Ott
> Sent: Thursday, March 30, 2017 9:10 AM
> To: open-ils-general@list.georgialibraries.org
> Subject: Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS
>
>
>
> For single server implementations, there are also free certificates
> available from organizations like StartSSL.
>
>
>
> On 03/30/2017 10:04 AM, Rogan Hamby wrote:
>
> While SSL on an intranet may not be necessary it still isn't harmful.  I may
> be of a paranoid bent but you can have security issues even on an intranet,
> especially large geographically distributed ones.  And with the increasingly
> punitive behavior of browsers to punish non-encrypted connections in various
> ways (usually with warnings and such) I'd question if it would be easier to
> just implement the SSL for the intranet than try to pass around it.
>
>
>
>
>
>
> Rogan Hamby
>
> Data and Project Analyst
>
> Equinox Open Library Initiative
>
> phone:  1-877-OPEN-ILS (673-6457)
>
> email:  ro...@equinoxinitiative.org
>
> web:  http://EquinoxInitiative.org
>
>
>
> On Thu, Mar 30, 2017 at 10:00 AM, Jason Stephenson <ja...@sigio.com> wrote:
>
> I should add that the staff client requires SSL and there's no easy way
> to chagne that, so you can't completely disable SSL and expect things to
> still function properly.
>
>
>
>
> On 03/30/2017 09:23 AM, Jason Stephenson wrote:
>> Jayaraj,
>>
>> It would be done via the Apache configuration files. You'd move
>> everything from the SSL enabled vhost configurations to the non-SSL
>> vhosts, i.e everything from the port 443 configuration sections to the
>> port 80 configuration. Some of that configuration is duplicated, so only
>> the unique things need to go.
>>
>> There may also be some directives to force SSL on some locations. You'll
>> want to remove those also.
>>
>> I'm writing this from memory without looking at the files, which is
>> alway a bad thing to do, but I think that covers it.
>>
>> HtH,
>> Jason
>>
>> On 03/30/2017 04:16 AM, Jayaraj JR wrote:
>>> Hello,
>>>
>>> Greetings of the day !
>>>
>>> SSL or https is a better option as far as security is concerned. But the
>>> heightened security level may not be necessary at many times especially
>>> while using Evergreen in Intranet. Besides the browser often warns the
>>> user that entering to my account in evergreen catalog is dangerous if
>>> purchased SSL is not implemented. This may often create confusion for
>>> childern and beginning users who are not well versed with computers.
>>> They are very often advised to add security exception for accessing the
>>> library catalog.
>>>
>>> It would appreciable, if any option or configuration is available to
>>> disable the SSL and to use the full library catalog via http.
>>> Kindly advice the configuration to use my account in Evergreen catalog
>>> via http itself and not https
>>>
>>> --
>>> Thanks in Advance,
>>>
>>> Jayaraj J R
>>> Library Information Assistant
>>> IISER Thiruvananthapuram
>
>
>
>



-- 
Benjamin Shum
Evergreener

Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS

2017-03-30 Thread Mike Rylander 
Hi,

There are several relatively simple services (some entirely
in-browser) that can get certs from Let's Encrypt available at
https://letsencrypt.org/docs/client-options/ .  If have control over
DNS for your domain, you could set up an external DNS entry for the
name of the internal server and receive a cert, then use internal
(split-brain) DNS to use that name for a private IP and make use of
the cert you generate.  These certs are fairly short-lived, but once
DNS is set up, the update process is easy.

HTH,

--
Mike Rylander
 | President
 | Equinox Open Library Initiative
 | phone:  1-877-OPEN-ILS (673-6457)
 | email:  mi...@equinoxinitiative.org
 | web:  http://equinoxinitiative.org


On Thu, Mar 30, 2017 at 10:19 AM, Josh Stompro
<stomp...@exchange.larl.org> wrote:
> StartSSL shouldn’t be used any more.  They were banned from Chrome and
> Firefox early this year because of reasons including the fact that they were
> silently purchased by a Chinese company, and because they were issuing back
> dated certificates to get around the SHA-1 phase out.  They also allowed
> users to get certificates for main domains if they could certify that they
> had control of subdomains.
>
>
>
> https://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>
>
>
> Josh Stompro - LARL IT Director
>
>
>
> From: Open-ils-general
> [mailto:open-ils-general-boun...@list.georgialibraries.org] On Behalf Of
> Bill Ott
> Sent: Thursday, March 30, 2017 9:10 AM
> To: open-ils-general@list.georgialibraries.org
> Subject: Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS
>
>
>
> For single server implementations, there are also free certificates
> available from organizations like StartSSL.
>
>
>
> On 03/30/2017 10:04 AM, Rogan Hamby wrote:
>
> While SSL on an intranet may not be necessary it still isn't harmful.  I may
> be of a paranoid bent but you can have security issues even on an intranet,
> especially large geographically distributed ones.  And with the increasingly
> punitive behavior of browsers to punish non-encrypted connections in various
> ways (usually with warnings and such) I'd question if it would be easier to
> just implement the SSL for the intranet than try to pass around it.
>
>
>
>
>
>
> Rogan Hamby
>
> Data and Project Analyst
>
> Equinox Open Library Initiative
>
> phone:  1-877-OPEN-ILS (673-6457)
>
> email:  ro...@equinoxinitiative.org
>
> web:  http://EquinoxInitiative.org
>
>
>
> On Thu, Mar 30, 2017 at 10:00 AM, Jason Stephenson <ja...@sigio.com> wrote:
>
> I should add that the staff client requires SSL and there's no easy way
> to chagne that, so you can't completely disable SSL and expect things to
> still function properly.
>
>
>
>
> On 03/30/2017 09:23 AM, Jason Stephenson wrote:
>> Jayaraj,
>>
>> It would be done via the Apache configuration files. You'd move
>> everything from the SSL enabled vhost configurations to the non-SSL
>> vhosts, i.e everything from the port 443 configuration sections to the
>> port 80 configuration. Some of that configuration is duplicated, so only
>> the unique things need to go.
>>
>> There may also be some directives to force SSL on some locations. You'll
>> want to remove those also.
>>
>> I'm writing this from memory without looking at the files, which is
>> alway a bad thing to do, but I think that covers it.
>>
>> HtH,
>> Jason
>>
>> On 03/30/2017 04:16 AM, Jayaraj JR wrote:
>>> Hello,
>>>
>>> Greetings of the day !
>>>
>>> SSL or https is a better option as far as security is concerned. But the
>>> heightened security level may not be necessary at many times especially
>>> while using Evergreen in Intranet. Besides the browser often warns the
>>> user that entering to my account in evergreen catalog is dangerous if
>>> purchased SSL is not implemented. This may often create confusion for
>>> childern and beginning users who are not well versed with computers.
>>> They are very often advised to add security exception for accessing the
>>> library catalog.
>>>
>>> It would appreciable, if any option or configuration is available to
>>> disable the SSL and to use the full library catalog via http.
>>> Kindly advice the configuration to use my account in Evergreen catalog
>>> via http itself and not https
>>>
>>> --
>>> Thanks in Advance,
>>>
>>> Jayaraj J R
>>> Library Information Assistant
>>> IISER Thiruvananthapuram
>
>
>
>

Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS

2017-03-30 Thread Josh Stompro 
StartSSL shouldn’t be used any more.  They were banned from Chrome and Firefox 
early this year because of reasons including the fact that they were silently 
purchased by a Chinese company, and because they were issuing back dated 
certificates to get around the SHA-1 phase out.  They also allowed users to get 
certificates for main domains if they could certify that they had control of 
subdomains.

https://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/

Josh Stompro - LARL IT Director

From: Open-ils-general 
[mailto:open-ils-general-boun...@list.georgialibraries.org] On Behalf Of Bill 
Ott
Sent: Thursday, March 30, 2017 9:10 AM
To: open-ils-general@list.georgialibraries.org
Subject: Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS


For single server implementations, there are also free certificates available 
from organizations like StartSSL.

On 03/30/2017 10:04 AM, Rogan Hamby wrote:
While SSL on an intranet may not be necessary it still isn't harmful.  I may be 
of a paranoid bent but you can have security issues even on an intranet, 
especially large geographically distributed ones.  And with the increasingly 
punitive behavior of browsers to punish non-encrypted connections in various 
ways (usually with warnings and such) I'd question if it would be easier to 
just implement the SSL for the intranet than try to pass around it.




Rogan Hamby

Data and Project Analyst

Equinox Open Library Initiative

phone:  1-877-OPEN-ILS (673-6457)

email:  ro...@equinoxinitiative.org<mailto:ro...@equinoxinitiative.org>
web:  http://EquinoxInitiative.org

On Thu, Mar 30, 2017 at 10:00 AM, Jason Stephenson 
<ja...@sigio.com<mailto:ja...@sigio.com>> wrote:
I should add that the staff client requires SSL and there's no easy way
to chagne that, so you can't completely disable SSL and expect things to
still function properly.



On 03/30/2017 09:23 AM, Jason Stephenson wrote:
> Jayaraj,
>
> It would be done via the Apache configuration files. You'd move
> everything from the SSL enabled vhost configurations to the non-SSL
> vhosts, i.e everything from the port 443 configuration sections to the
> port 80 configuration. Some of that configuration is duplicated, so only
> the unique things need to go.
>
> There may also be some directives to force SSL on some locations. You'll
> want to remove those also.
>
> I'm writing this from memory without looking at the files, which is
> alway a bad thing to do, but I think that covers it.
>
> HtH,
> Jason
>
> On 03/30/2017 04:16 AM, Jayaraj JR wrote:
>> Hello,
>>
>> Greetings of the day !
>>
>> SSL or https is a better option as far as security is concerned. But the
>> heightened security level may not be necessary at many times especially
>> while using Evergreen in Intranet. Besides the browser often warns the
>> user that entering to my account in evergreen catalog is dangerous if
>> purchased SSL is not implemented. This may often create confusion for
>> childern and beginning users who are not well versed with computers.
>> They are very often advised to add security exception for accessing the
>> library catalog.
>>
>> It would appreciable, if any option or configuration is available to
>> disable the SSL and to use the full library catalog via http.
>> Kindly advice the configuration to use my account in Evergreen catalog
>> via http itself and not https
>>
>> --
>> Thanks in Advance,
>>
>> Jayaraj J R
>> Library Information Assistant
>> IISER Thiruvananthapuram

Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS

2017-03-30 Thread Bill Ott 
For single server implementations, there are also free certificates 
available from organizations like StartSSL.



On 03/30/2017 10:04 AM, Rogan Hamby wrote:
While SSL on an intranet may not be necessary it still isn't harmful.  
I may be of a paranoid bent but you can have security issues even on 
an intranet, especially large geographically distributed ones.  And 
with the increasingly punitive behavior of browsers to punish 
non-encrypted connections in various ways (usually with warnings and 
such) I'd question if it would be easier to just implement the SSL for 
the intranet than try to pass around it.




Rogan Hamby

Data and Project Analyst

Equinox Open Library Initiative

phone:  1-877-OPEN-ILS (673-6457)

email:  ro...@equinoxinitiative.org

web: http://EquinoxInitiative.org

On Thu, Mar 30, 2017 at 10:00 AM, Jason Stephenson > wrote:


I should add that the staff client requires SSL and there's no
easy way
to chagne that, so you can't completely disable SSL and expect
things to
still function properly.



On 03/30/2017 09:23 AM, Jason Stephenson wrote:
> Jayaraj,
>
> It would be done via the Apache configuration files. You'd move
> everything from the SSL enabled vhost configurations to the non-SSL
> vhosts, i.e everything from the port 443 configuration sections
to the
> port 80 configuration. Some of that configuration is duplicated,
so only
> the unique things need to go.
>
> There may also be some directives to force SSL on some
locations. You'll
> want to remove those also.
>
> I'm writing this from memory without looking at the files, which is
> alway a bad thing to do, but I think that covers it.
>
> HtH,
> Jason
>
> On 03/30/2017 04:16 AM, Jayaraj JR wrote:
>> Hello,
>>
>> Greetings of the day !
>>
>> SSL or https is a better option as far as security is
concerned. But the
>> heightened security level may not be necessary at many times
especially
>> while using Evergreen in Intranet. Besides the browser often
warns the
>> user that entering to my account in evergreen catalog is
dangerous if
>> purchased SSL is not implemented. This may often create
confusion for
>> childern and beginning users who are not well versed with
computers.
>> They are very often advised to add security exception for
accessing the
>> library catalog.
>>
>> It would appreciable, if any option or configuration is
available to
>> disable the SSL and to use the full library catalog via http.
>> Kindly advice the configuration to use my account in Evergreen
catalog
>> via http itself and not https
>>
>> --
>> Thanks in Advance,
>>
>> Jayaraj J R
>> Library Information Assistant
>> IISER Thiruvananthapuram

Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS

2017-03-30 Thread Rogan Hamby 
While SSL on an intranet may not be necessary it still isn't harmful.  I
may be of a paranoid bent but you can have security issues even on an
intranet, especially large geographically distributed ones.  And with the
increasingly punitive behavior of browsers to punish non-encrypted
connections in various ways (usually with warnings and such) I'd question
if it would be easier to just implement the SSL for the intranet than try
to pass around it.




Rogan Hamby

Data and Project Analyst

Equinox Open Library Initiative

phone:  1-877-OPEN-ILS (673-6457)

email:  ro...@equinoxinitiative.org
web:  http://EquinoxInitiative.org

On Thu, Mar 30, 2017 at 10:00 AM, Jason Stephenson  wrote:

> I should add that the staff client requires SSL and there's no easy way
> to chagne that, so you can't completely disable SSL and expect things to
> still function properly.
>
>
>
> On 03/30/2017 09:23 AM, Jason Stephenson wrote:
> > Jayaraj,
> >
> > It would be done via the Apache configuration files. You'd move
> > everything from the SSL enabled vhost configurations to the non-SSL
> > vhosts, i.e everything from the port 443 configuration sections to the
> > port 80 configuration. Some of that configuration is duplicated, so only
> > the unique things need to go.
> >
> > There may also be some directives to force SSL on some locations. You'll
> > want to remove those also.
> >
> > I'm writing this from memory without looking at the files, which is
> > alway a bad thing to do, but I think that covers it.
> >
> > HtH,
> > Jason
> >
> > On 03/30/2017 04:16 AM, Jayaraj JR wrote:
> >> Hello,
> >>
> >> Greetings of the day !
> >>
> >> SSL or https is a better option as far as security is concerned. But the
> >> heightened security level may not be necessary at many times especially
> >> while using Evergreen in Intranet. Besides the browser often warns the
> >> user that entering to my account in evergreen catalog is dangerous if
> >> purchased SSL is not implemented. This may often create confusion for
> >> childern and beginning users who are not well versed with computers.
> >> They are very often advised to add security exception for accessing the
> >> library catalog.
> >>
> >> It would appreciable, if any option or configuration is available to
> >> disable the SSL and to use the full library catalog via http.
> >> Kindly advice the configuration to use my account in Evergreen catalog
> >> via http itself and not https
> >>
> >> --
> >> Thanks in Advance,
> >>
> >> Jayaraj J R
> >> Library Information Assistant
> >> IISER Thiruvananthapuram
>

Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS

2017-03-30 Thread Jason Stephenson 
I should add that the staff client requires SSL and there's no easy way
to chagne that, so you can't completely disable SSL and expect things to
still function properly.



On 03/30/2017 09:23 AM, Jason Stephenson wrote:
> Jayaraj,
> 
> It would be done via the Apache configuration files. You'd move
> everything from the SSL enabled vhost configurations to the non-SSL
> vhosts, i.e everything from the port 443 configuration sections to the
> port 80 configuration. Some of that configuration is duplicated, so only
> the unique things need to go.
> 
> There may also be some directives to force SSL on some locations. You'll
> want to remove those also.
> 
> I'm writing this from memory without looking at the files, which is
> alway a bad thing to do, but I think that covers it.
> 
> HtH,
> Jason
> 
> On 03/30/2017 04:16 AM, Jayaraj JR wrote:
>> Hello,
>>
>> Greetings of the day !
>>
>> SSL or https is a better option as far as security is concerned. But the
>> heightened security level may not be necessary at many times especially
>> while using Evergreen in Intranet. Besides the browser often warns the
>> user that entering to my account in evergreen catalog is dangerous if
>> purchased SSL is not implemented. This may often create confusion for
>> childern and beginning users who are not well versed with computers.
>> They are very often advised to add security exception for accessing the
>> library catalog.
>>
>> It would appreciable, if any option or configuration is available to
>> disable the SSL and to use the full library catalog via http.
>> Kindly advice the configuration to use my account in Evergreen catalog
>> via http itself and not https
>>  
>> -- 
>> Thanks in Advance,
>>
>> Jayaraj J R
>> Library Information Assistant
>> IISER Thiruvananthapuram

Re: [OPEN-ILS-GENERAL] Disabling SSL in Evergreen ILS

2017-03-30 Thread Jason Stephenson 
Jayaraj,

It would be done via the Apache configuration files. You'd move
everything from the SSL enabled vhost configurations to the non-SSL
vhosts, i.e everything from the port 443 configuration sections to the
port 80 configuration. Some of that configuration is duplicated, so only
the unique things need to go.

There may also be some directives to force SSL on some locations. You'll
want to remove those also.

I'm writing this from memory without looking at the files, which is
alway a bad thing to do, but I think that covers it.

HtH,
Jason

On 03/30/2017 04:16 AM, Jayaraj JR wrote:
> Hello,
> 
> Greetings of the day !
> 
> SSL or https is a better option as far as security is concerned. But the
> heightened security level may not be necessary at many times especially
> while using Evergreen in Intranet. Besides the browser often warns the
> user that entering to my account in evergreen catalog is dangerous if
> purchased SSL is not implemented. This may often create confusion for
> childern and beginning users who are not well versed with computers.
> They are very often advised to add security exception for accessing the
> library catalog.
> 
> It would appreciable, if any option or configuration is available to
> disable the SSL and to use the full library catalog via http.
> Kindly advice the configuration to use my account in Evergreen catalog
> via http itself and not https
>  
> -- 
> Thanks in Advance,
> 
> Jayaraj J R
> Library Information Assistant
> IISER Thiruvananthapuram