Jayaraj,
It would be done via the Apache configuration files. You'd move
everything from the SSL enabled vhost configurations to the non-SSL
vhosts, i.e everything from the port 443 configuration sections to the
port 80 configuration. Some of that configuration is duplicated, so only
the unique
Hello,
Greetings of the day !
SSL or https is a better option as far as security is concerned. But the
heightened security level may not be necessary at many times especially
while using Evergreen in Intranet. Besides the browser often warns the user
that entering to my account in evergreen
I'd suggest getting free SSL certificates from Let's Encrypt --
https://letsencrypt.org/
There's been some discussion in the past on this subject on the
Evergreen dev mailing list:
http://list.georgialibraries.org/pipermail/open-ils-dev/2016-June/010153.html
While I'd be curious to see how that
I should add that the staff client requires SSL and there's no easy way
to chagne that, so you can't completely disable SSL and expect things to
still function properly.
On 03/30/2017 09:23 AM, Jason Stephenson wrote:
> Jayaraj,
>
> It would be done via the Apache configuration files. You'd
StartSSL shouldn’t be used any more. They were banned from Chrome and Firefox
early this year because of reasons including the fact that they were silently
purchased by a Chinese company, and because they were issuing back dated
certificates to get around the SHA-1 phase out. They also
Hi,
There are several relatively simple services (some entirely
in-browser) that can get certs from Let's Encrypt available at
https://letsencrypt.org/docs/client-options/ . If have control over
DNS for your domain, you could set up an external DNS entry for the
name of the internal server and
While SSL on an intranet may not be necessary it still isn't harmful. I
may be of a paranoid bent but you can have security issues even on an
intranet, especially large geographically distributed ones. And with the
increasingly punitive behavior of browsers to punish non-encrypted
connections in
For single server implementations, there are also free certificates
available from organizations like StartSSL.
On 03/30/2017 10:04 AM, Rogan Hamby wrote:
While SSL on an intranet may not be necessary it still isn't harmful.
I may be of a paranoid bent but you can have security issues even
**
*Hello*
*
An Acquisitions Interest Group meeting has been schedule during the
upcoming 2017 Evergreen International Conference. Attending the
Conference and interested in acquisitions? Make sure to join us for the
meeting on Friday April 7th at 8:00am. All are welcome whether you use