Enable SSL for playsms

During research on how to setup an Open-Source SMS Gateway on a Raspberry PI, I needed to switch the default protocol used by playsms to the more secure https (SSL). (For WebServices use, see article ManageEngine AD Self Service Plus Custom SMS Gateway)

Here’s how I did it :

Enable SSL for the Apache playsms vhost

If not done yet, you must load the SSL Module for Apache2 :

sudo a2enmod ssl

Get SSL Certificate for my domain.

I recommend using Let’s Encrypt.

They have a very complete documentation on how to get an SSL Certificate, I’m not going to cover it in this post.

Adapt the Apache vhost config file to serve content over https

Edit your Apache2 Vhost Config File (typically /etc/apache2/sites-enabled/000-default.conf) to look like this :
<VirtualHost *:80>
        ServerAdmin mail@admin.org
        ServerName your.url
        DocumentRoot /var/www/html/playsms
  <Location />
        Require all granted
        Redirect 301 / https://your.url/
  </Location>
</VirtualHost>
<VirtualHost *:443>
        ServerName your.url
        ServerAdmin mail@admin.org
        DocumentRoot /var/www/html/playsms
        ErrorLog /var/log/apache2/error.log
        CustomLog /var/log/apache2/access.log combined
        SSLCertificateFile /path/to/your/ssl/certificate.crt
        SSLCertificateKeyFile /path/to/your/ssl/certificate.key
        SSLCertificateChainFile /path/to/your/ssl/certificatechain.crt
</VirtualHost>

In the first part (<VirtualHost *:80>), we are setting up a permanent 301 redirect. If you hit http://your.url you are instantly being redirected to https://your.url

Adapt playsms to behave correctly

In playsms, navigate to “Settings” -> “Main Configuration”

Here, change the Main website URL to use https://

 

In /var/www/html/playsms (or where-ever you choose to put your playsms installation), edit the file config.php :

Change

// are we using http or https ? the default is using http instead https
$core_config['ishttps']         = false;

to

// are we using http or https ? the default is using http instead https
$core_config['ishttps']         = true;

Leave a Reply