-
Open
Apache<version>\conf\httpd.conf and uncomment the
following LoadModule directives:
mod_setenvif.somod_ssl.somod_headers.somod_proxy.somod_proxy_http.so
SSL is now enabled on the Apache server.
-
Add the following lines at the end of
Apache<version>\conf\httpd.conf:
<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so
</IfModule>
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
Listen 443
<VirtualHost *:443>
ServerName localhost
SSLEngine on
SSLProxyEngine On
ErrorLog logs/your_error_log
TransferLog logs/your_access_log
LogLevel warn
SSLCertificateFile conf/domain.crt
SSLCertificateKeyFile conf/domain.key
ProxyPass /papi https://exalead_host:19052/papi
ProxyPassReverse /papi https://exalead_host:19052/papi
<Location "/">
Require all granted
</Location>
</VirtualHost>
-
To generate and deploy Apache SSL key/certificate, run:
openssl req -newkey rsa:2048 -nodes -keyout domain.key -x509 -days 365 -out domain.crt where
domain.key and domain.crt are the new key and
certificate files to be created (name them as required).
Note:
When prompted to enter Common Name (eg, your name or your server's hostname)
[]:, use the ftsProxyURL host value. It must be the same as
the Apache server host name specified previously for ServerName
(localhost in this example).
-
Copy your certificate and key (in our example,
domain.crt,
domain.key) to Apache<version>\conf.
-
To import Apache's X.509 certificate to FCS JRE store, run:
keytool -import -keystore ${FCS_JRE_home} \lib\security\cacerts -file ${Apache24_home}\conf \domain.crt -alias myalias
-
Restart your Apache service.
|