5

I'm developing a project using JavaScript, PHP and OpenLayers. A lot of maps are loaded using and HTTPS connection against an external OGC server.

When I try to load the map using HTTPS, they doesn't load (instead of, they show me an "Error loading the map, try again later").

I think that the problem is because of Digital Certificate. If I load directly from the server (using a WMS call) like this (look the last parameter):

https://serverurl/ogc/wms?service=WMS&version=1.1.0&request=GetMap&layers=ms1:lp_anual_250&styles=&bbox=205125.0,3150125.0,234875.0,3199875.0&width=306&height=512&srs=EPSG:4326&format=application/openlayers

The browser ask me for my authorization to see it. If I accept the Digital Certificate, I can see the map. After that, and because of my browser now accepts the certificate, I can see my own map from my own application.

I'm creating the layer like this:

activeLayer = new OpenLayers.Layer.WMS(
 layername, layerurl,
 {
 width: varmap.size.w,
 srs: varmap.projection,
 layers: layername,
 height: varmap.size.h,
 styles: style,
 format: 'image/png'
 }
 );
varmap.addLayer(activeLayer);

Is there any way to ask for the Digital Certificate manually when the user access to my web?

I'm using CodeIgniter to load views.

PolyGeo
65.5k29 gold badges115 silver badges350 bronze badges
asked Jan 30, 2011 at 13:00

1 Answer 1

6

You can use a proxy on your server so all client requests are made to your server, which deals with the certificate, gets the request and passes it back to the client. For PHP have a look at http://tr.php.net/manual/en/function.openssl-verify.php

If you are also using WMS software (MapServer, GeoServer) you could implement the same technique using a cascading WMS server. This would act as an intermediary between the remote server and users' browsers.

For details on how to do this in MapServer see http://geographika.co.uk/setting-up-a-secure-cascading-wms-on-mapserver

Note - using a proxy in this manner may go against the original WMS terms of agreement, so remember to check these first.

answered Jan 30, 2011 at 17:07
3
  • The servers aren't belong to me, so I can't implement a cascading WMS server. Probably, I'm going to add a new option to my web ('Use security connection') to allow the users get the maps using HTTPS. Thus, the user can select if want to use digital certificates or not. Thanks! Commented Jan 31, 2011 at 12:17
  • 1
    It doesn't matter if you don't own the original server - the cascading WMS would be set up on any server you can configure. Commented Jan 31, 2011 at 13:38
  • I didn't know that :P I'm going to talk with my OGC technical engineer and try to tell him what you told me. Thanks! Commented Jan 31, 2011 at 21:13

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.