Skip to main content

OTRS and HTTPS

Following the recent upgrade of OTRS on our servers to the latest version, I went one step further and decided to deploy https to wrap it all up. There is no significantly important data shared or entered in our OTRS configuration, but I think it a worthwhile exercise to put encryption in place. I've only really touched on SSL once or twice before with server configurations, and I started out by looking for a cheap certificate. The thing is, this is a commercial application of the system and I didn't want to use a non-profit or education SSL cert for something that is part of our money making enterprise.

Enter "Let's Encrypt". I read about this somewhere - probably one of the many *almost* spam newsletter type emails I get during the week from a vendor. A Google search brought up a DigitalOcean write up on how to apply this to the particular version of Linux I'm running.

I'm just going to say that I love the DigitalOcean walk through's. They're clear and easy to follow. I tend to have bits of extra complexity in my installs, but I'm usually able to extrapolate from the D/O information to get want I want. Here is the link to the walk through that I used:

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-14-04

Get around it - it's great. So now we have an encrypted OTRS site and it works well.

Apart from just having an encrypted site, we have also noticed a pleasing uptick in the responsiveness of the site and a removal of an ongoing issue we were having access it from external. When my techs would try to connect to the page from outside the office and then enter data into it, they would have to continuously re-authenticate. This was completely unusable and also one of those problems I just never seemed to have time to get around to fixing. Now, with https:// in front of the address, this problem has disappeared! The site responsiveness isn't to be ignored - no matter where it's being accessed from, the page is significantly faster, a fact which pleases all of us.

To summarise - spend the time and get the encryption happening for OTRS - it's worth it!

Comments

Popular posts from this blog

Windows 10 Enterprise Eval - gotchas

After an annoying turn of events where my Windows 10 Enterprise USB drive failed, attempts to install Win10 onto a computer failed miserably. I turned to the net and managed to get my hands on Microsoft's Windows 10 Enterprise Evaluation. I have an enterprise key so I thought - cool! Here's the opportunity to get it going and to then upgrade the license later. Full install, patched etc and all is swell. Except when I try to upgrade. I straight up tried changing the licence key only to get a variety of errors, most of which are pertaining to the activation system being unavailable. The I try this: https://winaero.com/blog/upgrade-windows-10-evaluation-to-full-version-easily/ but it doesn't work either. Next I'll try this: h ttp://www.edugeek.net/forums/windows-10/174594-upgrading-windows-10-enterprise-90-evaluation-full.html And if all else fails, in goes the bootable USB I've now created. If only I'd had this in the first instance I would not be writing t

Plone - the open source Content Management System - a review

One of my clients, a non-profit, has a lot of files on it's clients. They need a way to digitally store these files, securely and with availability for certain people. They also need these files to expire and be deleted after a given length of time - usually about 7 years. These were the parameters I was given to search for a Document Management System (DMS) or more commonly a Content Management System (CMS). There are quite a lot of them, but most are designed for front facing information delivery - that is, to write something, put it up for review, have it reviewed and then published. We do not want this data published ever - and some CMS's make that a bit tricky to manage. So at the end of the day, I looked into several CMS systems that looked like they could be useful. The first one to be reviewed was OpenKM ( www.openkm.com ). It looked OK, was open source which is preferable and seemed to have solid security and publishing options. Backing up the database and upgradin

Fixing a black screen after doing a Kali Linux update

Kali Linux is a rolling Linux distribution designed for security and penetration work. You can find details on it here: www.kali.org . We run this excellent product for a range of different security work and it's been great. I built the image in VMplayer, then shared it to the team and we've all been at it since. A recent update broke it though - black screen, no network and completely unresponsive. There are lots of posts about similar things - mostly to do with graphics adaptors, however, we found that executing the following at a root prompt fixed it. But how to get to the root prompt from a blank screen? Linux has a number of terminals available to the user - most of us use the graphical one to do our day to day, but you can access a command line prompt without much trouble. Simply hold CTRL-ALT and then F2 or F3 down at the same time and it drops you to a command line login. BOOM. Time to fix it up. For me, and for the other fellas in the team, all it too was to