Got feedback or spotted a mistake?

Leave a comment at the end of this page or email contact@krishagni.com

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

Configuring SSL

Getting SSL certificate

A SSL certificate is issued by a Certificate Authority (CA). Your internal IT/IS team might be able to help you with this. You might have to submit the basic information in the form of CSR (Certificate Signing Request). Refer this page to regenerate CSR: https://in.godaddy.com/help/generating-a-certificate-signing-request-csr-apache-2x-5269

Configure Apache

Once you have the SSL certificate, you can proceed to configure Apache:

  1. Copy the certificate files to ${apache_home}/conf/CSR/

  2. Open "${apache_home}/conf/httpd.conf" file 

  3. Search for the "LoadModule ssl_module modules/mod_ssl.so" and remove any pound sign(#) at the start of the line (i.e. un-comment it)

  4. Add below section at the end of the file after replacing the dummy values with real one.
Listen 443
<VirtualHost *:443>
    DocumentRoot "D:\OpenSpecimen\Apache2.2\htdocs"
    ServerAdmin biobank@yourdomain.edu
    ServerName biobank.yourdomain.edu
    SSLEngine on
    SSLCertificateFile "D:\OpenSpecimen\Apache2.2\conf\CSR\biobank_cert.crt"
    SSLCertificateKeyFile "D:\OpenSpecimen\Apache2.2\conf\CSR\biobank.key"
	RedirectMatch ^/$ /openspecimen
    ProxyPass /openspecimen ajp://localhost:8009/openspecimen
    ProxyPassReverse /openspecimen ajp://localhost:8009/openspecimen


</VirtualHost>
 
 
Note: Make sure that "SSLCertificateFile" and "SSLCertificateKeyFile" are properly located.

                                 

Configuring Apache to prevent browser caching

How to Set an Expires Header in Apache?

This header allows you to set a given period of time to live for web pages and other objects served from web pages. 

The idea is to inform web browsers how often they should reload objects from the server. This will save the bandwidth and server load, because clients who follow the header will reload objects less frequently. For more details on Expires Directive, please refer: http://httpd.apache.org/docs/current/mod/mod_expires.html

  1. Enable expires module: 
    The expires module is not compiled by default and must be enabled in the Apache. To enable the expires module please run the below command:

    sudo a2enmod mod_expires


  2. Add the below directive in the <Virtual Host> section. 

    ExpiresActive On
    ExpiresDefault "access plus 3 hours"

    After updating the Virtual Host configuration will looks like below:

    <VirtualHost *:443>
    DocumentRoot "D:\OpenSpecimen\Apache2.2\htdocs"
    ServerAdmin biobank@yourdomain.edu
    ServerName biobank.yourdomain.edu
    
    ExpiresActive On
    ExpiresDefault "access plus 3 hours"

    SSLEngine on
    SSLCertificateFile "D:\OpenSpecimen\Apache2.2\conf\CSR\biobank_cert.crt"
    SSLCertificateKeyFile "D:\OpenSpecimen\Apache2.2\conf\CSR\biobank.key"
	RedirectMatch ^/$ /openspecimen
    ProxyPass /openspecimen ajp://localhost:8009/openspecimen
    ProxyPassReverse /openspecimen ajp://localhost:8009/openspecimen
</VirtualHost>



  • No labels
Got feedback or spotted a mistake?

Leave a comment at the end of this page or email contact@krishagni.com