Enabling PHP and SSL for the iPhone/iPad Interfaces (Legacy)

Enabling PHP and SSL in order to get the iPhone & iPad Interface up and running is a complicated subject. If you get confused following these instructions, please don't hesitate to contact MacPractice Support. We're more than happy to assist you.

One note: Every time you update the OS, you will need to repeat these steps, as the files we edit are replaced when updating the OS.

Before You BeginBefore beginning, you will need:

  • Make sure there is a password for the Administrator user of the computer: this is the Mac OS X Administrator User. Without this password you will not be able to enable PHP or SSL.

  • In order for the interface to work, you will need to have your network administrator configure your network so that Port 443 is open on all potential devices that could block incoming traffic, such as your firewalls or routers. You'll also need to configure your router or networking equipment so that any traffic on Port 443 is forwarded to your server's internal IP address. Doing this will make sure that you can access the interface from anywhere, not just the office's network.

    • This isn't something that MacPractice can assist with, as we do not know how your network is configured, and would need to be on site to be able to make the necessary decisions.

    • If you aren't certain, you can check the status of Port 443 in Network Utility. Use the Spotlight Search, type in Network Utility, and it should populate. From there, click on the "Port Scan" tab.

  • For the easiest method of editing the necessary files, we would recommend downloading BBEdit, a text-editing application. This is optional, as the Terminal has a built in text editor, but ease-of-use is not as polished and there is no mouse support.

    • You can download BBEdit here. Once downloaded and opened up, you'll be instructed to drag BBEdit into your Applications folder.

    • Once BBEdit is fully running, navigate to the BBEdit Menu, and select "Install Command Line Tools..." Confirm that you wish to install these. This will allow you to edit files from Terminal with BBEdit, which will make it easier.

Screen_Shot_2017-07-26_at_3.24.08_PM.png

Enabling PHP on MacOS 10.10+ (Yosemite and Up)In order to enable PHP, we'll need to make some edits to a series of files, httpd.conf and php.ini.

Editing the httpd.conf fileFirst, open Terminal from Applications > Utilities > Terminal. Copy and paste the following in the Terminal window and press Enter:

sudo cp /etc/apache2/httpd.conf /etc/apache2/httpd.conf.default

This command copies the original configuration file and gives the copy a new name in case we need to revert our changes. You'll be prompted for a password if this is the first sudo command you've run in this Terminal window. This is the macOS administrator password used when logging into the computer. Enter it into the Password field. You won't see any characters when entering the password; this is normal. You'll know you're successful if the command prompt immediately pops up after entering the password, as in the screenshot below.

Screen_Shot_2017-07-26_at_4.16.30_PM.png

Next, open the config file in BBEdit by copying and pasting the following in the Terminal and pressing Enter:

sudo bbedit /etc/apache2/httpd.conf

In BBEdit, go to the Search Menu and click "Find". In the Find Window, enable "Wrap Around".

 

Screen_Shot_2017-02-20_at_3.39.01_PM.png

If setting up on a server with Sierra or an earlier OS:

Search for "libphp5.so". You will see the following line:

#LoadModule php5_module libexec/apache2/libphp5.so

Remove the pound sign (#) in front of the line to activate the line. The resulting line should look like the following:

LoadModule php5_module libexec/apache2/libphp5.so

If setting up on a server with High Sierra or greater:

Search for "libphp7.so". You will see the following line:

#LoadModule php7_module libexec/apache2/libphp7.so

Remove the pound sign (#) in front of the line to activate the line. The resulting line should look like the following:

LoadModule php7_module libexec/apache2/libphp7.so

Do this for all installations:

Search for "mod_ssl.so". You will see the following line:

#LoadModule ssl_module libexec/apache2/mod_ssl.so

Remove the pound sign (#) in front of the line to activate the line. The resulting line should look like the following:

LoadModule ssl_module libexec/apache2/mod_ssl.so

Search for "shmcb", which will return:

#LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so

If there is a # sign in front of the line, remove the # sign to uncomment the line.
If the # sign is not present, move on to the next step.

Save the file (File > Save)

This covers the httpd.conf file.

Editing the php.ini fileNext, we'll want to address the php.ini file.
Copy and paste this line into Terminal, press Enter and type your password for your Mac if prompted:

sudo cp /etc/php.ini.default /etc/php.ini

Copy and paste the following line into Terminal, then press Enter.

sudo bbedit /etc/php.ini

In the php.ini file in BBEdit, in the top menu, go to Search > Find and search for:

If setting up on a server with Sierra or an earlier OS:

mysql.default_socket =

Change this line to:

mysql.default_socket = /tmp/mysql.sock

If setting up on a server with High Sierra or greater:

Find and search for:

pdo_mysql.default_socket =

Change this line to:

pdo_mysql.default_socket = /tmp/mysql.sock

Do this for all installations:

Go to Search > Find and search for:

;date.timezone =

Remove the ; before date.timezone =
After date.timezone = , you'll enter your Timezone in the format indicated below:

Eastern - "America/New_York"
Central - "America/Chicago"
Mountain - "America/Denver"
Mountain, no DST - "America/Phoenix"
Pacific - "America/Los_Angeles"
Alaska - "America/Anchorage"
Hawaii - "America/Adak"
Hawaii no DST - "Pacific/Honolulu"

So for example, for the Central timezone, we'd ensure the line looked like this:

date.timezone = "America/Chicago"

Save the php.ini file. You may be prompted for a password.

Copy and paste this line into Terminal, press Enter and type your password for your Mac if prompted:

sudo bbedit /etc/apache2/extra/httpd-ssl.conf

Search for "SSLMutex" which may return:

SSLMutex  "file:/private/var/run/ssl_mutex"

If this line is present, it needs to be removed and replaced with:

Mutex sysvsem default 

If there is no SSLMutex in that file, this step can be ignored.

Save the file (File > Save)

Finally, restart Apache in terminal by pasting the following line into the terminal window:

sudo apachectl restart

After the restart, PHP should be enabled. Next, we'll need to enable SSL.

Enabling SSL

SSL stands for Secure Socket Layer. It is a method of transmitting information over the internet in a secure, encrypted format. To enable SSL, you must create or purchase an SSL Certificate. There are two types of SSL Certificates:

  • Unverified: An unverified certificate is set up independently by a user. It is not necessarily less secure; it simply means that a third party organization has not verified that the name/organization listed on the certificate is the name/organization that actually holds the certificate. Mac OS X can create unverified SSL Certificates.

  • Verified: A verified certificate is purchased from a third party organization such as VeriSign, DigiCert, GoDaddy and more. It is "verified" because the organization that issues the certificate verifies the name/organization listed on the certificate is the actually the name/organization that is using the certificate.

We'll cover how to configure an unverified certificate for use with your MacPractice web interfaces (such as the iPhone or iPad Web Interface, Patient Portal, and so on).

 

Configuring an Unverified SSL Certificate

Open the Terminal Application (Applications > Utilities > Terminal).
Copy and paste the following code and press Enter:

sudo php ~/enable_ssl.php

You will be prompted to enter the following information. Please review this carefully.

Country Name: Two letter code for the country. Usually US.
State or Province Name: Full name, i.e. "Nebraska".
Locality Name: Usually refers to the city, i.e. "Lincoln".
Organization Name: Input the practice name here.
Organizational Unit Name: Can refer to a department. Usually can leave this field blank.
Common Name: Enter "localhost" here.
E-mail Address: Enter the account e-mail address here.
Challenge Password: You can leave this blank.
An Optional Company Name: You can leave this blank.

Does it work?
Once this step is complete, a web browser page will automatically open attempting to navigate to https://localhost. If you are successful, you will see a simple page with 'It Works!' displayed in bold. If you see this, you've set up PHP and SSL successfully!
Test the interface by navigating to https://localhost/iphone or https://localhost/ipad. It should bring up a web app page with the MacPractice app icon, prompting for a user name and password. Make sure to log in to an account other than just 'admin', because you will NOT be able to sign into "admin" from the Interface for security reasons.

Screen_Shot_2017-02-21_at_4.32.18_PM.png

If you want to test the remote connection, the url will be http://[External IP Address]/iPhone (or iPad), for example:

http://111.111.111.111/iphone

To get the IP address:

  1. Go to your MacPractice server and open the Safari web browser.

  2. Type myip.macpractice.net in the URL bar or click http://myip.macpractice.net.

  3. Use this IP address to access the application outside of your office.

OS Server App and Symbolic Links

If the computer has the OS Server app, you will need to do some additional steps to get everything running. The main component is that you'll need to enable symlinks.
First open the Server App on the computer and verify that PHP websites are turned on.  Turn them on if they are not enabled.

TIP: After everything is installed and set up (including the symbolic links) and the interface still will not load, come back and toggle the PHP websites off and back on and try again.

 

In Terminal:

sudo su cd /Library/Server/Web/Data/Sites/Default ln -s /Library/WebServer/Documents/iPhone iphone ln -s /Library/WebServer/Documents/iPad ipad ln -s /Library/WebServer/Documents/patientportal patientportal 

Too Many Redirects Error

If you get this error, type in the following command into Terminal, whichever one applies to the Interface you have purchased.

sudo bbedit /Library/WebServer/Documents/iphone/index.php or sudo bbedit /Library/WebServer/Documents/ipad/index.php

This will open up the file in BBEdit.  Find the lines that say:

if ($_SERVER["HTTPS"] != "on") { header("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); exit(); }

And add // in front of each line. This effectively disables the line. It should look like this after:

// if ($_SERVER["HTTPS"] != "on") { // header("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); // exit(); // }

 

Save the file.  This should correct the too many redirects error, however when you access the iPhone or iPad interfaces, you MUST input 'https' when they access the link from their phone or iPad the first time, as the interface will not automatically input the 's' which denotes a secure connection.  

So your URL would look like...

https://111.111.111.111/iphoneÂ