Friday, December 7, 2012

OpenERP SSL Connection


One of the main feautres of an enterprise system is security. To provide a secure connection between OpenERP web and users's browser you can enable SSL (https protocol). The following steps do this:

1- sudo su -

2- Install Apache web server and enable SSL module:

apt-get install apache2
apt-get install libapache2-mod-gnutls
apt-get install libapache2-mod-python
apt-get install libapache2-mod-wsgi
apt-get install libapache2-modxsltsudo /etc/init.d/apache2 restart
a2enmod headers
a2enmod proxy
a2enmod proxy_connect
a2enmod proxy_ftp
a2enmod proxy_http
a2enmod ssl
a2ensite default-ssl
/etc/init.d/apache2 restart

3- Generating a key pair and X509 certificate file:

this could be done with OpenSSL command or some other packages like XCA or TinyCA.
I will explain this step in another post. For now just install XCA.

apt-get install xca

4- Edit Apache config file for SSL:

vi /etc/apache2/sites-available/default-ssl

4-1 make sure that SSL engine is on.

SSLEngine on

4-2 add the path of private key file and certificate file.

SSLCertificateFile $PATH_TO_CERTIFICATE_FILE
SSLCertificateKeyFile $PATH_TO_PRIVATE_KEY_FILE

4-3 add the following lines before ending VirtualHost tag.

<Proxy "*">
AddDefaultCharset off
order deny,allow
allow from all
</Proxy>
ProxyRequests Off
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
RequestHeader set "X-Forwarded-Proto" "https"
SetEnv proxy-nokeepalive 1


4-4 restart Apache server

/etc/init.d/apache2 restart

5- open OpenERP config file, it is usually in your home folder, named
.openerp_serverrc (it is hidden) and enable proxy mode.

proxy_mode = True

6- start OpenERP server and point your browser to:

https://localhost



These steps has been tested on Ubuntu 10.04 but should work with little or no changes on other versions of Ubuntu.

Sunday, December 2, 2012

First step with OpenERP 7.0 beta

After using and developing OpenERP 6.1 for a while, I decied to  install OpenERP 7.0 beta. Everthing went ok and I installed it easily but when I pointed my browser to localhost:8069, it was redirectedd to localhost:8069/web/webclient/home and nothing was displayed. The server log syays that requested url localhost:8069/web/webclient/home does not exist!!!!!!!!!
After installing it again and reviewing all configuration nothing changed. So I searched about it and found the solution:

it is so easy, just clean your browser's cache.