Perforce Public Knowledge Base - Example of Swarm HTTPS Setup for Ubuntu
Downloads Blog Company Integrations Careers Contact Try Free
Menu Search
Reset Search



Example of Swarm HTTPS Setup for Ubuntu

« Go Back


How do I make my Swarm instance running on Apache more secure using HTTPS

This document provides an example of running Swarm under HTTPS on Ubuntu 14.04 using a self signed certificate.

For general instructions, see Configuring Swarm for SSL with apache2 or httpd


1. Enable SSL for Apache2
sudo a2enmod ssl
2. Create directory to save certificates
sudo mkdir /etc/apache2/ssl

3. Create the required certificates
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

Note: Ensure the 'Common Name' you provide matches your Swarm servers FQDN exactly.

4.  Follow the on screen prompts adding organization information as required.

5. Backup the current HTTP virtual host configuration:
cp /etc/apache2/sites-available/perforce-swarm-site.conf /etc/apache2/sites-available/perforce-swarm-site.conf.BAK

6. Edit the Apache site config file for the Swarm virtual host:
sudo nano /etc/apache2/sites-available/perforce-swarm-site.conf
We'll continue to listing on port 80 for plain HTTP requests and on port 443 for HTTPS.  See below, replacing SWARM-SERVER_HOSTNAME with the FQDN of your Swarm server.
<VirtualHost *:80>
    ErrorLog "/var/log/apache2/swarm.error_log"
    CustomLog "/var/log/apache2/swarm.access_log" common
    DocumentRoot "/opt/perforce/swarm/public"
    <Directory "/opt/perforce/swarm/public">
    AllowOverride All
	Require all granted

<VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/apache.crt
    SSLCertificateKeyFile /etc/apache2/ssl/apache.key

    ErrorLog "/var/log/apache2/swarmssl.error_log"
    CustomLog "/var/log/apache2/swarmssl.access_log" common
    DocumentRoot "/opt/perforce/swarm/public"
    <Directory "/opt/perforce/swarm/public">
    AllowOverride All
	Require all granted
Note: Please check with your security team to ensure the permissions provided in this setup are suitably restrictive for your environment.

5. Restart Apache to pickup the changes
sudo service apache2 restart
6. Now try your new HTTPS URL from a web browser.

Important Note: If the FQDN of the server provided for the certificate and the Apache configuration above is not accurate the P4V integration will fail with the message 'SSL handshake failed'. This same FQDN must be returned by both the clients and the Swarm server when an IP address lookup is performed.

Additional Important Note:  You must ensure that the pem or crt file are installed onto every user's machine and also the Helix Server as well. To verify that the Helix Server has the cert or pem installed just run "curl https://SWARM-HOST" if you get back an message about using "--no-check-certificate" then it suggest that the cert are not installed correctly. Please follow the below article which help solve the issue:

Related Links



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255