Versions Compared

Old Version 12

changes.mady.by.user Vinod Gaikwad (Unlicensed)

Saved on

compared with

New Version 13

changes.mady.by.user Vinod Gaikwad (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
Configuring SSL

Getting SSL certificate

A An SSL certificate is issued by a Certificate Authority (CA). Your internal IT/IS team might be able to help you with this. You might have to submit the basic information in the form of CSR (Certificate Signing Request). Refer this page to regenerate CSR: https://in.godaddy.com/help/generating-a-certificate-signing-request-csr-apache-2x-5269

...

  1. Copy the certificate files to ${apache_home}/conf/CSR/

  2. Open "${apache_home}/conf/httpd.conf" file 

  3. a) Search for the "LoadModule ssl_module modules/mod_ssl.so" and remove any pound sign(#) at the start of the line (i.e. un-comment uncomment it)

    b) If this line is not found in the file, then it means that the ssl SSL module is not installed. Please install this depending on the OS of the server.
                    For CentOS - yum install mod_ssl

  4. Skip this step if you installed SSL module manually i.e (3.2)

    Add below section at the end of the file httpd.conf file after replacing the dummy values with the real one. 

    Code Block
    Listen 443
<VirtualHost *:443>
    DocumentRoot "D:\OpenSpecimen\Apache2.2\htdocs"
    ServerAdmin biobank@yourdomain.edu
    ServerName biobank.yourdomain.edu
    SSLEngine on
    SSLCertificateFile "D:\OpenSpecimen\Apache2.2\conf\CSR\biobank_cert.crt"
    SSLCertificateKeyFile "D:\OpenSpecimen\Apache2.2\conf\CSR\biobank.key"
	RedirectMatch ^/$ /openspecimen
    ProxyPass /openspecimen ajp://localhost:8009/openspecimen
    ProxyPassReverse /openspecimen ajp://localhost:8009/openspecimen
</VirtualHost>
 
Note: Make sure that "SSLCertificateFile" and "SSLCertificateKeyFile" are properly located.

  5. In case of the new SSL module installation, edit /etc/httpd/conf.d/ssl.conf file and add below lines in <VirtualHost> tag.

    Code Block
    ServerAdmin biobank@yourdomain.edu
ServerName biobank.yourdomain.edu
SSLCertificateFile "D:\OpenSpecimen\Apache2.2\conf\CSR\biobank_cert.crt"
SSLCertificateKeyFile "D:\OpenSpecimen\Apache2.2\conf\CSR\biobank.key"
RedirectMatch ^/$ /openspecimen
ProxyPass /openspecimen ajp://localhost:8009/openspecimen
ProxyPassReverse /openspecimen ajp://localhost:8009/openspecimen
 
Note: Remove existing entries for "SSLCertificateFile" and "SSLCertificateKeyFile". Also make sure files are located at specified path.

...

How to configure Apache to set expires header?

This header allows an application to set a given period of time to live for web pages and other objects served from web pages. 

The idea is to inform web browsers how often they should reload objects from the server. This will save the bandwidth and server load , because clients who follow the header will reload objects less frequently. For more details on Expires module, please refer: http://httpd.apache.org/docs/current/mod/mod_expires.html

...