Monday, 25 November 2013

Making a website https using Apache(httpd) and tomcat on Windows Server

Getting SSL certificate from Seller:

1.       Hit command openssl on windows command prompt at windows server

2.       If no openssl command recognized install openssl first.

3.       After installation goto https://www.digicert.com/easy-csr/openssl.htm

4.       Fill the form and generate the command , copy and paste the command in server                 command prompt and execute it

5.       This will generate websitename.csr and websitename.key

6.       Upload the websitename.csr while purchasing the ssl certificate

7.       Seller will give server.crt and bundle.crt (maybe with different names)


8.       Keep the websitename.key which will be needed by apache webserver.

Configuring Apache for SSL :

    1.     Install apache of latest version with openssl .Check if extracted apache folder has               mod_ssl and mod_rewrite .

2.    Setup procedure for Apache with ssl :

 a.    Seller will give bundle.crt and server.crt as we discuss earlier, store this in                      apache/conf folder .Put websitename.key also in apache/conf folder.Rename                websitename.key to server.key

b.     Edit httpd.conf file located  in conf folder of apache
        i.   Delete # sign in front of LoadModule ssl_module  modules/mod_ssl.so
        ii.  Delete #sign in front of    Include conf/extra/httpd-ssl.conf

c.       Edit httpd_ssl.conf located in conf/extra folder of apache

      i.  Modify following section according to your need

<VirtualHost _default_:443>
  ServerAdmin some@email.com
  DocumentRoot "Your Root folder location"
  ServerName www.domain.com:443
  ServerAlias domain.com:443
  ErrorLog "logs/anyFile-error.log"
  CustomLog "logs/anyFile-access.log" common
  SSLEngine on
  SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.cert"
 SSLCertificateKeyFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.key"
 </VirtualHost> 

      ii.  Make sure that "SSLCertificateFile" and "SSLCertificateKeyFile" are properly located.

 3.   Edit settings in windows advance firewall setting

i.      Modify ApacheWebserver port to any option or add 443 with 80 in inbound rules table

ii.    Or you can add exception in windows firewall for TCP port 443

   4.  Restart the apache webserver .

   5.  You may  get an error while starting the apache webserver, Read the Details from Error      Log or can see the error in event viewer . 

            a.   If the error is   Error: 185073780 error:0B080074:x509 certificate                                                     routines:X509_check_private_key:key values mismatch

          view the certificate modulus using the following command:
          openssl x509 -noout -text -in certfile -modulus

          view the key using the following command:
         openssl rsa -noout -text -in keyfile –modulus

                  If modulus are different reissue the request to get server.crt.

              b. Syntax error on line 51 of /usr/local/apache2/conf/extra/httpd-ssl.conf
                    Invalid command 'SSLCipherSuite', perhaps misspelled or defined by a module                             not included in the server configuration 

                  Uncoment the following line from httpd.conf by removing # sign and save it. 

                  LoadModule ssl_module modules/mod_ssl.so  .  

              c.  Syntax error on line 76 of  SSLSessionCache: 'shmcb' session cache not supported                        (known names: ). Maybe you need to load the appropriate socache module                                    (mod_socache_shmcb?).

                   Uncoment the following line from httpd.conf by removing # sign and save it. 

         LoadModule socache_shmcb_module modules/mod_socache_shmcb.so                 
              d. Apache may stop responding on http but respond on https or Apache hangs & needs                     restarting regularly due to commodo filter .  Just add following lines 
                       
                    AcceptFilter http none
          AcceptFilter https none

                  For more details please visit this Link

   6.   Hope this will help .


Configuring ApacheWebServer with SSL to redirect to tomcat :

1.       Add following statement to httpd.conf and save .

JkExtractSSL On 
JkHTTPSIndicator HTTPS
JkSESSIONIndicator SSL_SESSION_ID 
JkCIPHERIndicator SSL_CIPHER
JkCERTSIndicator SSL_CLIENT_CERT

2.       Add following statement to httpd_ssl.conf and save it.

 JkMountCopy On
 JkMount /* ajp13

3.       Restart the Server , if still not working you should add Listen 443 line in httpd.conf after     Listen 80

Configuring ApacheWebServer with SSL to redirect request from http to https :

       
a.       Uncomment the line LoadModule rewrite_module modules/mod_rewrite.so by removing # sign before it in httpd.conf.

b.      Add following statements in httpd.conf for every page to redirect to https automatically

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*)
https://%{HTTP_HOST}%{REQUEST_URI}

c.       Add following statements in httpd.conf for single page to redirect to https automatically

RewriteEngine On
RewriteRule ^apache-redirect-http-to-https\.html$ https://www.yoursite.com/apache-redirect-http-to-https.html [R=301,L]




Saturday, 23 November 2013

Making website websitename:8080 to only websitename

 

1         1     Download the http war file from http://httpd.apache.org/download.cgi

2         2     Extract the file and install as per guided on http://httpd.apache.org/docs/2.2/install.html

3         3     Httpd.msi is available at www.anindya.com , for direct installation can be done on                        windows by simply double click on msi file.

4         4     After installing it as a service run the service and hit the url http://localhost to see if its                   working or not .

5         5     You can change the home page in 
                  C:/Program Files/Apache Software Foundation/Apache2.2/htdocs

6         6     Now our job is to show the tomcat/webapps/Root indexpage  when localhost is hit on               browser instead of  htdocs index page .

7         7     First go to the server.xml of tomcat/bin and uncomment the line 
<                    Connector port="8009" protocol="AJP/1.3"  redirectPort="8443" />  
                 and save it (note run note as admin to  save ).

8            Then download the mod_jk.so from the  http://tomcat.apache.org/connectors-doc/                         binaries which  should be suitable for your apache webserver version.

9         9     Paste the mod_jk.so file to apache/modules where all other .so are kept

1        10  Create workers.properties file in apache/conf folder paste the following and save it.

               worker.list=jk-status
               worker.jk-status.type=status               worker.jk-status.read_only=true               worker.list=jk-manager               worker.jk-manager.type=status               worker.list=jk-status               worker.jk-status.type=status               worker.jk-status.read_only=true               worker.list=jk-manager               worker.jk-manager.type=status               worker.balancer.error_escalation_time=0               worker.balancer.max_reply_timeouts=10               worker.balancer.balance_workers=node1               worker.node1.reference=worker.template               worker.node1.host=localhost               worker.node1.port=8109               worker.node1.activation=A               worker.balancer.balance_workers=node2               worker.node2.reference=worker.template               worker.node2.host=localhost               worker.node2.port=8209               worker.node2.activation=A               worker.template.type=ajp13               worker.template.socket_connect_timeout=5000               worker.template.socket_keepalive=true               worker.template.ping_mode=A               worker.template.ping_timeout=10000               worker.template.connection_pool_minsize=0               worker.template.connection_pool_timeout=600               worker.template.reply_timeout=300000               worker.template.recovery_options=3               worker.list=ajp13               worker.ajp13.port=8009               worker.ajp13.host=localhost               worker.ajp13.type=ajp13               worker.ajp13.lbfactor=1



1         11     Now Edit the httpd.conf file in apache/conf, paste the following
                       LoadModule jk_module modules/mod_jk.so
               JkWorkersFile conf/workers.properties
               JkShmFile  conf/mod_jk.shm
               JkLogFile  logs/from_apache_mod_jk.log
               JkLogLevel info
               JkLogStampFormat "[%a %b %d %H %M %S %Y]"
               JkMount /* ajp13

1          12.      Now restart the apache webserver.

1          13.  For more details about this topic you can visit the site 





Thursday, 21 November 2013

Customize the Apache web server


  •     Adding our own web pages:

      Web pages are added either in htdocs which is a default directory set in https.conf file or you can change the directory path by changing Document Root and making changes in directory label which already has default path

  •        Virtual host configuration:

1.     Virtual host has two types :

                                 I.   Different domain names (use for different website on same server) with same Ip address on same server.
                                 II.   Different domain names with different ip address on same server

2.    Add a domain name and own ip address in host file of windows.

3.    Add a line “  Include conf/virtual-hosts.conf” at the end of httpd file.

4.    Create virtual-hosts.conf file in conf folder.

5.    Add these line

 NameVirtualHost *:8080

<VirtualHost *:8080>
    
       ServerName www.localhost.com

        DocumentRoot "D:/website/web1"
       
        CustomLoglogs/www.localhost.com.access.logcombined
        ErrorLog logs/www.localhost.com.error.log

</virtualHost>

6.    You can add more than one tab of virtual host if want to assign more domain names.

7.    Change host file respectively

8.    Add Respective directory tab in httpd.conf file which will locate the website in system.


9.    Restart http.exe by closing it by ctrl+c and start it by double click on it.

Installing and running Apache web server

How to install Apache web server

     1. Enter the network domain name eg  example.net.

2.     Enter full DNS name  eg  server.example.net .

3.     Enter Administrator Email Address

4.     Select   i. For all user :- if want to run as service on port 80

                     ii. For current user :-for your personal experimenting.

5.     Select type typical or custom depending on your requirement.

6.     Use default path in c drive for installation


How to Run the Apache web server

1.     Go to apache folder in program files ,click on httpd (exe)

2.     Click on monitor apache server

3.     Check on httpd if it is showing any error or not.

Error may occur:

         Starting httpd: httpd: Could not reliably determine the server's fully qualified domain                       name, using ::1 for Server Name

 How to remove:-

1.     Search for the host file in 
        C:\windows\system32\drivers\etc\   or   %systemroot%\system32\drivers\etc\

2.     Open notepad using run as Administrator. Open this host file.

3.     Add your Full domain name and your IP address in this file save it

4.     Restart the monitor and httpd.exe