Difference between revisions of "TLS Enable VISTA Service"
From VistApedia
(Created page with "= TLS Enable a VISTA Service = If you want to know why, look elsewhere. == Create a inetd style program that works == Not covering that here. Here's my example: <pre> # cat ...") |
(No difference)
|
Latest revision as of 16:52, 2 April 2013
Contents
TLS Enable a VISTA Service
If you want to know why, look elsewhere.
Create a inetd style program that works
Not covering that here. Here's my example:
# cat ~vista/bin/VPRJ.sh #!/bin/bash cd "$(dirname "$0")" source ./set_env $gtm_dist/mumps -r GTMLNX^VPRJREQ
Install stunnel
For Ubuntu, that was apt-get install stunnel4
Create a self-signed certificate
cd /etc/stunnel openssl req -new -x509 -days 11365 -nodes -out stunnel.pem -keyout stunnel.pem
Create xinetd service
On your favorite port. If it's a web server, you should use 443.
# cat /etc/xinetd.d/VPRJ-9281-TLS service VPRJ-9281-TLS { port = 9281 socket_type = stream protocol = tcp type = UNLISTED user = vista groups = yes server = /usr/bin/stunnel server_args = -p /etc/stunnel/stunnel.pem -l /home/vista/bin/VPRJ.sh env = USER=vista env += HOME=/home/vista wait = no disable = no per_source = UNLIMITED instances = UNLIMITED }
Testing
I mostly use curl for testing HTTP services. Tell curl to ignore certificate validation by the -k
flag.
# curl -ki https://localhost:9281/ping HTTP/1.1 200 OK Date: Tue, 02 Apr 2013 16:52:29 GMT Content-Type: application/json; charset=utf-8 Content-Length: 20 {"status":"running"}