Apache-2.4 Tomcat-7 SSL VirtualHost self-signed certificate installation test_PHP tutorial

Apache-2.4 Tomcat-7 SSL VirtualHost self-signed certificate installation test

1. Install the Yilan software package

1. Install the apr software package
# wget -c http://ftp.cuhk.edu.hk/pub/packages/apache.org//apr/apr-1.5.2.tar.bz2
#tar -jxvf apr-1.5.2.tar .bz2
#cd apr-1.5.2
# ./configure --prefix=/usr/
#make
# make install

2. Install apr-util software Package
# wget http://ftp.cuhk.edu.hk/pub/packages/apache.org//apr/apr-util-1.5.4.tar.bz2
#tar -jxvf apr-util -1.5.4.tar.bz2
#cd apr-util-1.5.4
#cd /usr/local/src/apr-util-1.5.4
#./configure --prefix= /usr/ --with-apr=/usr/
#make
#make install

3. Install pcre software package
#wget -c http://sourceforge.net/ projects/pcre/files/pcre/8.37/pcre-8.37.tar.bz2/download
# tar -jxvf pcre-8.37.tar.bz2
#cd pcre-8.37
# ./configure -- prefix=/usr/local/
#make
#make install

2. Install the Apache software package

#wget -c http://apache.fayea.com/ /httpd/httpd-2.4.16.tar.bz2
#cd httpd-2.4.16
#./configure --prefix=/usr/local/apache-2.4 --enable-modules=all -- enable-mods-shared=all --enable-ssl
#make
#make install

3. Enable ssl support
1. Modify vi httpd.conf and enable
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Include conf/extra/httpd-ssl.conf


4. Generate a self-signed certificate:
# cd / usr/local/apache-2.4/conf/
#openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout server.key -out server.crt
#Fill in the country, organization, and Generate self-signed certificates with region and company names

5. Start Aapche software testing. .
#/usr/local/apache-2.4/bin/apachectl start
https://access, please note that the firewall opens port 443


6. Apache Tomcat-7 connection


1. Install JDK briefly
# wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-7/v7.0.64/bin/apache-tomcat-7.0.64 .tar.gz
# wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-connectors/jk/tomcat-connectors-1.2.41-src.tar.gz
2. Installation Tomcat
# tar -zxvf apache-tomcat-7.0.64.tar.gz
# ln -s tomcat apache-tomcat-7.0.64

3. Install tomcat-connectors module
# tar -zxvf tomcat-connectors-1.2.41-src.tar.gz
# cd tomcat-connectors-1.2.41-src
# ./ buildconf.sh
# ./configure --with -apxs=/usr/local/apache-2.4/bin/apxs --with-tomcat=/usr/local/tomcat --with-java-home=/usr/local/jdk --with-jni
# make
#make install

7. Enable mod_jk module

Modify vi httpd.conf and finally add the following to enable mod_jk module support

# Load mod_jk module
LoadModule jk_module modules/mod_jk.so
# Where to find workers.properties
JkWorkersFile /usr/local/apache/conf/workers.proferties
# Where to put jk logs
JkLogFile /usr/local/ apache/logs/mod_jk.log

# Set the jk log level [debug/error/info]
JkLogLevel info

# Select the timestamp log format
JkLogStampFormat "[% a %b %d %H:%M:%S %Y] "

# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"

# JkOptions indicate to send SSL KEY SIZE,
JkOptions ForwardKeySize ForwardURICompat -ForwardDirectories

# Send servlet for context /examples to worker named worker1
#JkMount /examples/*.jsp worker1
JkMount /servlet/ * worker1

# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1

8. Create a new workers.proferties file

[root@ localhost conf]# more workers.proferties
workers.tomcat_home=/usr/local/tomcat
workers.java_home=/usr/local/jdk
ps=/
worker.list=worker1
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
worker.worker1.connection_pool_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.lbfactor=1
worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout
worker.inprocess.stderr=$(workers.tomcat_home) $(ps)logs$(ps)inprocess.stderr
[root@localhost conf]#

9. Apache Tomcat SSL virtual host:

1. Modify: httpd-ssl. conf Add the following virtual host




# General setup for the virtual host
DocumentRoot "/www/clients/aaa.com/htdocs"
ServerName www.aaa.com:443
ServerAdmin you@example.com
ErrorLog "/www/clients/aaa.com/logs/error_log"
TransferLog "/www/clients/aaa. com/logs/access_log"



Options -Indexes FollowSymlinks
AllowOverride All
Require all granted
DirectoryIndex login.jsp index.jsp



#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1


# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1




# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.


SSLEngine on


SSLCertificateFile "/usr/local/apache-2.4/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache-2.4/conf/server.key"



SSLOptions StdEnvVars


SSLOptions StdEnvVars



BrowserMatch "MSIE [2-5]"
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0


CustomLog "/usr/local/apache-2.4/logs/ssl_request_log"
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b"










# General setup for the virtual host
DocumentRoot "/www/clients/bbb.com/htdocs"
ServerName www.bbb.com:443
ServerAdmin you@example.com
ErrorLog "/www/clients/bbb.com/logs/error_log"
TransferLog "/www/clients/bbb.com/logs/access_log"



Options -Indexes FollowSymlinks
AllowOverride All
Require all granted
DirectoryIndex login.jsp index.jsp



#JkMount /examples/*.jsp worker1
JkMount /servlet/* worker1


# Send JSPs for context /examples to worker named worker1
JkMount /*.jsp worker1




# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.


SSLEngine on


SSLCertificateFile "/usr/local/apache-2.4/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache-2.4/conf/server.key"



SSLOptions StdEnvVars


SSLOptions StdEnvVars



BrowserMatch "MSIE [2-5]"
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0


CustomLog "/usr/local/apache-2.4/logs/ssl_requbbest_log"
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b"





十、添加Tomcat虚拟主机：


1、修改：Tomcat的配置文件 server.xml 添加如下：





www.aaa.com



prefix="aaa.com_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />

debug="0" reloadable="true"/>








www.bbb.com



prefix="bbb.com_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />


debug="0" reloadable="true"/>





十一、编写测试页面：

[root@localhost htdocs]# pwd
/www/clients/aaa.com/htdocs
[root@localhost htdocs]# more index.jsp





<%out.println("

Hello wwww.aaa.com World!

");%>


[root@localhost htdocs]#


[root@localhost htdocs]# pwd
/www/clients/bbb.com/htdocs
[root@localhost htdocs]# more index.jsp





<%out.println("

Hello wwww.bbb.com World!

");%>


[root@localhost htdocs]#


12. Start: apache, tomcat for testing
# /usr/local/apache/bin/apachectl start
# /usr/local/ tomcat/bin/startup.sh

2. Modify the local host hosts test
https://www.aaa.com
https://www.bbb.com

Attachment: Optimize Tomcat parameters: Modification: Add the following red words to the catalina.sh file
# Set juli LogManager config file if it is present and an override has not been issued
if [ -z "$LOGGING_CONFIG" ]; then
if [ -r "$CATALINA_BASE"/conf/logging.properties ]; then
LOGGING_CONFIG="-Djava.util.logging.config.file=$CATALINA_BASE/conf/logging.properties"
else
# Bugzilla 45585
LOGGING_CONFIG="-Dnop"
fi
fi
JAVA_OPTS="-server -Xms256m -Xmx2048m -XX:PermSize=64M -XX:MaxNewSize=256m -XX :MaxPermSize=512m "

http://www.bkjia.com/PHPjc/1067486.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/1067486.htmlTechArticleApache-2.4 Tomcat-7 SSL VirtualHost Self-signed certificate installation test 1. Install the Yilan software package 1. Install apr Package # wget -c http://ftp.cuhk.edu.hk/pub/packages/apache.org//apr/ap...