Changes between Version 5 and Version 6 of ApacheConfig


Ignore:
Timestamp:
03/12/12 14:04:28 (6 years ago)
Author:
joshuadf
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • ApacheConfig

    v5 v6  
    2828{{{ 
    2929cd /etc/pki/tls/private/ 
    30 openssl genrsa -out localhost.key 1024 
     30openssl genrsa -out localhost.key 2048 
    3131HOST=myhost 
    32 FQDN=$HOST.biostr.washington.edu 
    33 openssl req -new -subj "/C=US/ST=Washington/O=University of Washington/CN=$FQDN"  -key localhost.key -out localhost.csr 
     32FQDN="$HOST.biostr.washington.edu" 
     33openssl req -new -subj "/C=US/ST=WA/O=University of Washington/CN=$FQDN"  -key localhost.key -out localhost.csr 
    3434}}} 
    35 Then go to the certificate provider (for UW http://certs.cac.washington.edu/ ) and upload the certificate request. When you get notice that 
    36 the certificate is ready, save it to `localhost.crt`: 
     35Then go to the certificate provider (such as [https://wiki.cac.washington.edu/display/infra/UW+Certificate+Services UW Certificate Services] ) and upload the certificate request. When you get notice that the certificate is ready, save it to `localhost.crt`: 
    3736{{{ 
    3837cd /etc/pki/tls/certs/ 
     
    6261  </Directory> 
    6362 
     63  SSLEngine on 
     64  SSLProtocol all -SSLv2 
     65  SSLCipherSuite HIGH:MEDIUM:!ADH 
    6466 
    65   SSLEngine on 
     67  SSLCertificateKeyFile /etc/pki/tls/private/localhost.key 
    6668  SSLCertificateFile /etc/pki/tls/certs/localhost.crt 
    67   SSLCertificateKeyFile /etc/pki/tls/private/localhost.key 
     69  SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt 
    6870  <Files ~ "\.(cgi|shtml)$"> 
    6971  SSLOptions +StdEnvVars 
     
    9395 
    9496{{{ 
    95   ProxyPass /mywebapp/ ajp://localhost:8009/mywebapp/ 
    96  
    9797  # redirect root and mywebapps requests to SSL 
    9898  RedirectMatch ^(/)?$ https://testsig.biostr.washington.edu/mywebapp/MainMenu 
     99 
     100  # in SSL vhost 
     101  ProxyPass /mywebapp/ ajp://localhost:8009/mywebapp/ 
    99102  RedirectMatch ^/mywebapp/?(.*)$ https://testsig.biostr.washington.edu/mywebapp/$1 
    100103}}}