星期二, 十二月 11, 2012

Apache JK with https


#configuration with https
#<apache_home>/conf/httpd.conf
LoadModule ssl_module modules/mod_ssl.so 
Include conf/extra/httpd-ssl.conf 
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

#<apache_home>/conf/extra/httpd-ssl.conf
SSLCertificateFile "<apache_home>/conf/server.crt"
SSLCertificateKeyFile "<apache_home>/conf/server.key"

#generate key and certification
<apache_home>/bin>openssl genrsa -out server.key 1024
<apache_home>/bin>openssl req -new –out server.csr -key server.key -config ../conf/openssl.cnf

<apache_home>/bin>openssl genrsa -out ca.key 1024
<apache_home>/bin>openssl req -new -x509 -days 365 -key ca.key -out ca.crt -config ../conf/openssl.cnf
<apache_home>/bin>openssl ca -in server.csr -out server.crt -cert ca.crt -keyfile ca.key -config ../conf/openssl.cnf

<apache_home>/bin>mkdir demoCA
<apache_home>/bin>touch demoCA/index.txt
<apache_home>/bin>echo 01 > demoCA/serial
<apache_home>/bin>mkdir demoCA/newcert

<apache_home>/bin>cp server.crt <apache_home>/conf
<apache_home>/bin>cp server.key <apache_home>/conf

#configration jk with https
#<apache_home>/conf/httpd.conf
LoadModule jk_module modules/mod_jk.so

<IfModule jk_module>
JkWorkersFile conf/workers.properties
JkMountFile conf/uriworkermap.properties
JkLogFile     logs/mod_jk.log
JkLogLevel    info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
</IfModule>

#<apache_home>/conf/extra/httpd-ssl.conf
JkMountFile conf/uriworkermap.properties

#<apache_home>/conf/uriworkermap.properties
/test/*=load_balancer
/jkstatus=jkstatus

#<apache_home>/conf/workers.properties
worker.list=load_balancer,jkstatus

worker.server2.host=localhost
worker.server2.port=8010
worker.server2.type=ajp13
worker.server2.lbfactor=1

worker.load_balancer.type=lb
worker.load_balancer.balanced_workers=server2
worker.jkstatus.type=status

没有评论: