Hi,
I'm completely new to OHS and have been asked to ensure that a URL that goes to OHS should only be accessible on HTTPS, if accessed by HTTP it should go to the equivalent of IISs
HTTP Error 403.4 - Forbidden: SSL is required to view this resource.
As OHS is the frontend to our SOA installation we have specific files under /moduleconf/ for the virtualhosts, an example of one is below.
Can anyone give me any clues/best practice to only allow this VirtualHost to be allowed on HTTPS/SSL and to not redirect non SSL to SSL but to an error page like the equivalent mentioned above.
Any guidance would be greatly appreciated. Many thanks
<VirtualHost *:443>
ServerName testhub.example.com:443
RewriteEngine On
RewriteOptions inherit
RewriteRule ^$ /osb/hub.asmx [NC,P]
RewriteRule ^/$ /osb/hub.asmx [NC,P]
RewriteRule ^/hub\.asmx$ /osb/hub.asmx [NC,P]
<Location /sbinspection.wsil >
SetHandler weblogic-handler
WebLogicCluster OSB1:8011,OSB2:8011
</Location>
<Location /sbresource >
SetHandler weblogic-handler
WebLogicCluster OSB1:8011,OSB2:8011
</Location>
<Location /osb >
SetHandler weblogic-handler
WebLogicCluster OSB1:8011,OSB2:8011
</Location>
<Location /alsb >
SetHandler weblogic-handler
WebLogicCluster OSB1:8011,OSB2:8011
</Location>
<IfModule ossl_module>
SSLEngine on
SSLProtocol nzos_Version_1_0 nzos_Version_3_0_With_2_0_Hello nzos_Version_3_0
SSLCipherSuite SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_AE
S_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
SSLVerifyClient none
SSLWallet "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/keystores/host"
SSLProxyEngine On
SSLProxyWallet "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/keystores/host"
SSLCRLCheck Off
</IfModule>
</VirtualHost>