If you are moving towards using HTTPS instead of HTTP while accessing the MGR GUI, you should enable HTTPS and disable HTTP. By default, HTTPS is already configured with a certificate (not CA), and a minor change is required.
This article provides step-by-step instructions on how to use HTTPS to access the MGR GUI without Certificate Authority (CA). This can be achieved by checking if there is a certificate already configured for MGR and then proceed to enable HTTPS and disable HTTP.
Step 1: Checking If There Is a Certificate Already Configured for MGR
- Check if both the .key and .crt files exist. As a TextPass user, run the following command:
$ ls -ltrh /var/TextPass/MGR/conf/ssl
-rw-r--r-- 1 textpass textpass 887 Jul 15 13:52 server.key
-rw-r--r-- 1 textpass textpass 782 Jul 15 13:52 server.crt
- Check in the MGR.conf file if HTTPS is already configured to work:
$ grep SSLCertificate /var/TextPass/MGR/conf/MGR.conf
$ head -25 /var/TextPass/MGR/conf/MGR.conf
## httpd.conf -- Apache HTTP server configuration file
- Based on the output of steps 1 and 2, the actual certificate file should exist and be configured in
NOTE: In the output of step 2, the line
Listen 80is for HTTP, and the line
Listen 443is for HTTPS. If the line is not commented out, then it is configured to work.
Step 2: Enabling HTTPS and Disabling HTTP
To enable or disable HTTP or HTTPS, follow these steps as a TextPass user:
- Go to
- Back up the existing MGR.conf file:
$ cp -p MGR.conf MGR.conf_YYYYMMDD
- Update the MGR.conf file based on what you want to achieve. As explained in the NOTE section of the above segment:
- To disable, comment the lines of the access you want to disable.
- To enable, comment out the lines.
# systemctl restart mgr