Personal tools
Navigation
 
Document Actions

6.3.3.1. Debian 3.x and Ubuntu 6.xx

Up one level
This section describes how to configure Apache 2.0 for Debian and Ubuntu systems to provide transport layer security for GRIA services.

Firstly install the necessary apache2 packages, e.g. $ sudo apt-get install apache2 libapache2-mod-jk.

Prepare certificate entries for Apache:

Download the sample gria-services.conf file and edit it accordingly, e.g. provide valid entries for the following file which you should have prepared in the previous page:

  • SSLCertificateFile
  • SSLCertificateKeyFile
  • SSLCACerticateFile
  • SSLCARevocationFile

Note: do not uncomment any of the ProxyPass lines!

Copy gria-services.conf into /etc/apache2/sites-available.

Edit /etc/apache2/ports.conf, and add the line:

Listen 443

Now you need to enable the new 'site' with the Apache2 enable-site utility, and the SSL and JK2 modules:

  • a2ensite gria-services.conf
  • a2enmod ssl
  • a2enmod jk

NOTE: you may prompted to reload apache for each of these steps e.g.

/etc/init.d/apache2 reload.

Configure apache to forward all HTTPS requests to tomcat:

configuring Apache to use mod_jk you need to edit /etc/apache2/mods-available/jk.load to include the following:

LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so
# Where to find workers.properties
JkWorkersFile /etc/apache2/workers.properties
# Where to put jk logs
JkLogFile     /var/log/apache2/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel    info
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions     +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat     "%w %V %T"
# Send everything for context /examples to worker named worker1 (ajp13)
JkMount /gria-basic-app-services worker1
JkMount /gria-basic-app-services/* worker1
JkMount /gria-client-mgt worker1
JkMount /gria-client-mgt/* worker1
JkMount /gria-service-provider-mgt worker1
JkMount /gria-service-provider-mgt/* worker1

To complete the configuration you need to create a workers.properties file in /etc/apache2 with the following contents:

# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.lbfactor=50
worker.worker1.cachesize=10
worker.worker1.cache_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.reclycle_timeout=300

Restart Apache

You can now access the GRIA admin pages through HTTPS, e.g. https://localhost/gria-basic-app-services

Next: Fedora Previous: Apache 2  
Powered by Plone CMS, the Open Source Content Management System