Galileo SSL
Galileo by Travelport


Galileo SSL

Galileo SSL

Overview

Travelport’s “Galileo SSL Service” (SSL) provides access to Travelports Apollo and Galileo host systems via a secure socket layer (SSL) connection over the Internet.  SSL is the replacement for the Nortel VPN Contivity software, and may also be used as a replacement for point to point data circuits in some cases.

The SSL software installation is simple and automatically makes the configuration changes to Focalpoint, Galileo Desktop and Galileo Print Manager. Some manual configuration may be required if;

  • Connecting from a corporate network via a proxy server. See note below
  • Using Terminal Servers or Citrix Servers. See the Installation Guide for details.
  • Using Travelport Booking Feed (TBF - formerly GIDS) Content technical support to have your TBF queue configured for use via SSL.
  • Accessing 3270 hosts. In general, change the host destination to 127.0.0.1
  • Using 3rd party gateways such as those from Attachmate! or Innosys. Contact the 3rd party gateway manufacturer and/or Travelport technical support for assistance.

When installed, Galileo SSL creates a Microsoft Windows service and this service in turn connects Travelport desktop software as well as some other 3rd party gateways to Travelport’s host systems.

Once the connection has been established, you will continue to work on Focalpoint, Viewpoint or Galileo Desktop as you do today.

Note, While the SSL service may be used with older versions of our desktop software, such as Focalpoint, Travelport highly recommends using Galileo Desktop version v2.2 or above. There are minor, sporadic time out issues with earlier software versions which can be eliminated by upgrading to the current release of Galileo Desktop.

If you are using Windows 95, Windows 98, Windows ME or Windows NT, do not attempt to install the Galileo SSL service.

Download
Quick Installation instructions (all most people will need)

Quick Start Installation Instructions

  • Close the following programs if they are running;
  • Galileo Desktop
  • Galileo Print Manager
  • Focalpoint
  • Any 3rd party gateway products. Note, these will require manual configuration later in the process
  • To install the software, double-click the file you downloaded earlier.
  • Accept all of the defaults; in other words, click OK, next, continue until the software is installed
  • Restart Galileo Desktop, Galileo Printer Manager or Focalpoint as needed an return to work
  • Once working, if you have Nortel VPN Contivity software installed and are not using it to access anything other than Travelport systems, you may use Windows Add/Remove Programs to uninstall the Nortel software.

For the vast majority of our customers, this is all you should need to know and to do. Unless you are experiencing difficulties, are working with special circumstances or just curious, there should be no need to read the rest of this web page.

The complete installation guide can be downloaded from here.

Frequently Asked Questions
Galileo SSL Version Info
Travelport Previous Versions

 

 

Supported Travelport Products
  • Galileo Desktop
  • Galileo Print Manager
  • Travelport Booking Feed (TBF)
Supported Windows Versions
  • Windows XP (32-bit and 64-bit)
  • Windows Vista  (32-bit and 64-bit)
  • Windows 7  (32-bit and 64-bit)
  • Windows 8
  • Windows 2003 Server and above
  • Note, this software will not function on Windows 95/98/ME/NT or Winodws 2000 Professional or Windows 2000 Server.
  • See Other Windows Requirements below
Other Windows Requirements
Microsoft .Net 2.0 or above needs to be installed,
Windows 8
  • The correct version of .NET is included with Windows 8. However, It is not activated by default.
  • To enable
    • Open Control Panel
    • Select Programs And Features
    • Select "Turn Windows features on or off" (left hand column)
    • Place a check mark in the .NET Framework 3.5 (inludes .NET 2.0 and 3.0) box
    • Follow on screen instructions

 

 

 For Other Versions of Windows
  • If not present, the installation process will attempt to automatically download and install this software from Microsoft and and then complete the installation of the Galileo SSL service.
  • On 32-bit versions of Windows XP, “Microsoft Installer 3.1 v2” or above must be installed on the computer. See (KB893803)” for details and to obtain this software.
  • On 32-bit versions of Windows. If you are having difficulty using Windows Updates to download and install the Microsoft .NET v2.0 service, you may download and install this software directly from Microsoft at http://www.microsoft.com/en-us/download/details.aspx?id=1639
  • On 64-bit versions of Windows. If SSL appears to have installed properly but you have no connection to Apollo.
  • IMPORTANT, the 32-bit and 64-bit versions of .NET v2.0 ARE DIFFERENT and there are different links above for the appropriate version for your copy of Windows
  • Windows 8 Note .
    • DO NOT attempt to download Microsoft .NET v2.0.
    • Instead, from Control Panel, select Programs and Features,
    • Then select Turn Windows Features On and Off.
    • Check the .NET Framework 3.5 (Includes .NET 2.0 and .NET 3.0) box.
Firewall and Router Considerations

Customers who restrict agency desktop access to the internet on port 443 may need to add rules to their firewall and/or proxy servers to allow for SSL traffic to the following destinations.

As part of Travelport's commitment to improve the stability of our popular desktop SSL connectivity product, we have implemented multiple SSL termination points to allow quick resolution of customer impacting platform issues. To enable this capability in a seamless fashion, we are asking our travel agency customers who restrict desktop access to the internet to add the following rules to their firewalls.

The destinations shown with DNS names are the primary, high availability HSRP connection points. During normal operations, these will be the VPN end point. However, as part of Travelport's commitment to improve the stability of our popular desktop SSL connectivity product, we have implemented multiple SSL termination points to allow quick resolution of customer impacting platform issues. To enable this capability in a seamless fashion, we are ask our customers who restrict desktop access to the internet to permit SSL traffic to ALL of  the following destinations through their firewalls and/or routers.

Please allow access from the desktop to these public IP addresses from the desktop with a destination of TCP port 443.

  • 216.113.131.33
  • 216.113.159.225 (gdssl.galileo.com)
  • 216.113.159.226 (gdssl-atl.galileo.com)
  • 216.113.159.227

The various hosts listed above allow Travelport more flexibility to minimize customer impact in the event of an SSL problem. Should you have any questions or concerns please escalate using your normal procedures.

If there are no restrictions limiting desktop access to the internet on port 443, there should be no changes required of the customer.

Using SSL From Behind A Proxy Server
  • Use Notepad to open and edit c:\program files\galileo\ssl\SSLClientService.exe.config
    For 64-bit Windows, this file is in the c:\Program Files (x86)\Galileo\SSL folder
  • Locate the <appSettings> section of the file
  • Add the following two lines to the end of the <appSettings> section
    • <add key="Proxy Server Address" value="your.proxy.server's.name.here" />
    • <add key="Proxy Server Port" value="port#.for.https.here" />
  • Use the name or IP address of your proxy server on the fist line
  • Enter the port # your proxy server uses to forward SSL (https) traffic on the second line
  • Note, the syntax is CRITICAL, including spaced, quotes ("), etc.
  • Restart the SSL service by running services.msc or rebooting.

Example of the AppSettings section of this file where the proxy server's name is corp_proxy_srv and the LAn side port number used for https:/ssl is 5999. Note, you can use the IP address of your proxy server as in lieu of it's DNS name.

  <appSettings>
    <add key="SSL Server Port" value="443" />
    <add key="Keepalive Seconds" value="120" />
    <add key="Trace Level Override" value="Warning" />
    <add key="GIDS Queuename Override" value="2KZ_1V2855" />
    <add key="00F3473E_2748" value="achiabc999,57.8.81.11,57.8.81.111,2748" />
    <add key="SSL Server Address" value="gdssl.galileo.com" />
    <add key="Proxy Server Address" value="corp_proxy_srv" />
    <add key="Proxy Server Port" value="5999" />

  </appSettings>

Note: Currently, the Travelport SSL service does not support HTTP Proxy Servers which require authentication with a username and password at the time of connection. Support for this type of authentication may or may not be included in a future release.

Testing and Troubleshooting
A simple test to verify that using SSL will work for you
  • From a DOS/DMS prompt, type the following line and enter
  • telnet gdssl.galileo.com 443
  • The cursor shold disappear almost immediately.
Check to make sure the SSL service is runnng
  • On the Start, Run line, type the following line and ter
  • services.msc
  • Check the Galieo SSL Tunnel service to insude the status show started
  • Restart the service if you are having diffculties connecting.
For Galileo Desktop
  • Open Windows Control Panel,
  • Open the Galileo TCP/IP applet
  • Verify the Client ID is entered correctly
  • Verify that Used Fixed IP addresses is checked, and both addresses are 127.0.0.1
For Galileo Print Manager
  • Make sure Galileo Print Manager is running
  • Select the Configuration Server Tab
  • Verify the Client ID is entered correctly.
  • Verify that Used Fixed Configuration Server Addresses is checked and both addresses are 127.0.0.1
For Galileo IDS
  • First, to use Galileo IDS via SSL, Travelport must configure your GIDS Queue for use via SSL. Contact your GIDS technical contact to have this done for you.
  • Once that's done, run the GIDS Configuration utility
  • Set the MQ Host Name field is set to 127.0.0.1
  • Use Notepad to open and edit c:\program files\galileo\ssl\SSLClientService.exe.config
    For 64-bit Windows, this file is in the c:\Program Files (x86)\Galileo\SSL folder
  • Add the following line to the end of the <appSettings> section
    • <add key="GIDS Queuename Override" value="queue_name_here" />
  • Note, the syntax is CRITICAL, including spaced, quotes ("), etc.
  • Restart the SSL service by running services.msc or rebooting.

Example of the AppSettings section of this file where the GIDS Queue name is 2KX_1V29876
Note. use YOUR GIDS Queue Name .. the one shown in the example is for example onliy.

  <appSettings>
    <add key="SSL Server Port" value="443" />
    <add key="Keepalive Seconds" value="120" />
    <add key="Trace Level Override" value="Warning" />
    <add key="GIDS Queuename Override" value="2KX_1V29876" />
    <add key="00F3473E_2748" value="achiabc999,57.8.81.11,57.8.81.111,2748" />
    <add key="SSL Server Address" value="gdssl.galileo.com" />
    <add key="Proxy Server Address" value="corp_proxy_srv" />
    <add key="Proxy Server Port" value="5999" />
  </appSettings>

For 3270 emulators and 3rd party gateways, etc.

In general terms, you wlll need to

  • Change the configuration of the product, replacing Configuratoin Server, IPC, IPCS,e tc., settings which are usually set to 198.177.164.151/152 or 57.8.81.13/113 with 127.0.0.1.. .and once that change is made, restart and/or registrer the product.
  • As these products are not written by or supported directy by Travelport, you will need to contact the manufacturer of the 3rd party product for any further assistance.
Support

Contact the Travelport Help Desk in your area for support.

 

Copyright © 1999-2014 Travelport, Inc. and/or its affiliates. All rights reserved.  Privacy Policy | Terms of Use | Site Map


Copyright © 1999-2014 Travelport, Inc. and/or its affiliates. All rights reserved.