GWMC SSL URL rewite

Not sure if someone can answer this, but I am trying to make it so customers can log into their admin portal for GWMC without knowing the service port.

The problem I'm having is, if the customer browser is sent via HTTP on port 8120 it gets redirected to HTTPS on the host IP address then you get a certificate error because its using the server IP Address.

i.e. http://gwmc.domain.com:8120 --> https://192.168.1.28:8120

Does anybody know an easy way to do this within gwmc? I know I can do a JavaScript rewrite, but since GWMC is already doing the redirect, how do I redirect it to the DNS host name instead of the IP address?
  • I am assuming that the current cert is the default generated one which is self signed.
    With that you will always get an error until a give instance of a browser is told to always accept it, a feature not all browsers support.
    To fix this you will have to do some work with the certificate, either manage to export the public key and import it to all the systems that would require it, or more elegantly would be to remint the certificate against a Certificate Authority that those systems either already trust or one that you can readily add to their trust.

    from your example am assuming that this is for for internal as opposed to external users, and this is an important point to note as the CA options are different for the 3 and/or mix.
  • The server is actually using a 3rd party cert and that is working great for both mobile devices and admin portal.

    The issue arises when the client browser uses HTTP instead of HTTPS for the initial URL.


    >>> konecnya<konecnya@no-mx.forums.microfocus.com> 11/2/2015 6:26 PM >>>


    I am assuming that the current cert is the default generated one which
    is self signed.
    With that you will always get an error until a give instance of a
    browser is told to always accept it, a feature not all browsers
    support.
    To fix this you will have to do some work with the certificate, either
    manage to export the public key and import it to all the systems that
    would require it, or more elegantly would be to remint the certificate
    against a Certificate Authority that those systems either already trust
    or one that you can readily add to their trust.

    from your example am assuming that this is for for internal as opposed
    to external users, and this is an important point to note as the CA
    options are different for the 3 and/or mix.


    --
    Andy of
    KonecnyConsulting.ca in Toronto
    Knowledge Partner
    http://forums.novell.com/member.php?userid=75037
    If you find a post helpful and are logged in the Web interface, please
    show your appreciation by clicking on the star below. Thanks!
    ------------------------------------------------------------------------
    konecnya's Profile: https://forums.novell.com/member.php?userid=75037
    View this thread: https://forums.novell.com/showthread.php?t=494951
  • In article <56386DFD.A42F.000C.1@grcc.edu>, Erich D. Flynn wrote:
    > The server is actually using a 3rd party cert and that is working great for both mobile devices and admin

    portal.
    Ahh, that is good and answers many of the questions needed to move forward

    > The issue arises when the client browser uses HTTP instead of HTTPS for the initial URL.

    A) what is in /etc/HOSTNAME ?
    Should match your gwmc.domain.com
    B) what is in /etc/hosts relating to your public IP and the above host name. They should match.

    I see that much of the relevant GMS bits are in what look like python and they point to different host type
    variables. If they feed strait from the above two files, making sure they are correct may will sort you all
    out with a reboot.

    Of note, I don't see the remap to an IP address on the systems I can quickly check, with their HOSTNAME and
    hosts files all pointing correctly.


    Andy of
    http://KonecnyConsulting.ca in Toronto
    Knowledge Partner
    http://forums.novell.com/member.php/75037-konecnya
    If you find a post helpful and are logged in the Web interface, please show your appreciation by clicking on
    the star below. Thanks!
    GMS troubleshooting tips at http://www.konecnyad.ca/andyk/gwmobility.htm