We Keep Coding

How to setup glassfish 4.1.1 behind apache on Ubuntu 16.04 server

I want to setup Apache and Glassfish on Ubuntu 16.04 server.
I have installed
apache2
libapache2-mod-jk
glassfish
The following are the steps I have followed
Configuring the MPM module
Set MaxRequestWorkers to 400 in /etc/apache2/mods-available/mpm_event.conf
Configuring the JK Module
<IfModule mod_jk.c>
JkWorkersFile /usr/share/glassfish4/glassfish/domains/<domain-doamin1>/config/workers.properties
JkLogFile /var/log/apache2/mod_jk.log
JkLogLevel error
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
JkMountCopy all
</IfModule>
JkMount /myapp/* ajp13
<Location "/myapp/WEB-INF/">
require all denied
</Location>
Create a workers.properties file in your GlassFish domain's config directory
worker.list=ajp13
worker.ajp13.type=ajp13
worker.ajp13.host=localhost
worker.ajp13.port=8009
# load balancing only: worker.ajp13.lbfactor=50
connection_pool_size=10
connection_pool_timeout=600
worker.ajp13.socket_keepalive=False
worker.ajp13.socket_timeout=30
Create the JK listener in GlassFish using these commands
asadmin create-http-listener --listenerport 8009 --listeneraddress 0.0.0.0 --defaultvs server jk-listener
asadmin set server-config.network-config.network-listeners.network-listener.jk-listener.jk-enabled=true
then I restarted glassfish domain successfully but when i try to restart apache2 with sudo /etc/init.d/apache2 restart I get the error below
[....] Restarting apache2 (via systemctl): apache2.serviceJob for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xe" for details.
failed!
This error occurs when I edit the file jk.conf located under /etc/apache2/mods-available/jk.conf
Where am I going wrong. Is there a complete guide to accomplishing this? Finally the newer apache2 doesn't have the file httpd.conf and all the tutorials allover the Internet rely upon this file. Thanks in advance.

Since your objective is just to forward requests from Apache to GlassFish, not to loadbalance requests from Apache to multiple GlassFish servers, I would recommend avoiding mod_jk. You can certainly achieve your goal with it, but if you are new to the concepts involved, you will find it difficult to understand and maintain.
Instead you can use mod_proxy and, optionally, mod_proxy_ajp.
First, a definition:
AJP vs HTTP
AJP is a protocol like HTTP, but binary rather than text based. It has no secure/insecure options like HTTPS/HTTP since it is normally used behind a firewall and performs much better than HTTP for these scenarios. When you mark any GlassFish network listener as jk-enabled, you are enabling AJP communication, rather than HTTP.
You've installed Apache via the ubuntu apache2 package which has its own example structure to configuration which is different to the layout you would get if you downloaded and unzipped it. This has advantages, but we need to understand the Apache configuration file before getting to that.
Apache Configuration
Generally, you will see internet guides refer to httpd.conf as the configuration file to edit. This is just the default "parent" configuration file. In Debian/Ubuntu systems (and their derivations, like Linux Mint), the file to look for is apache2.conf.
This file is read, and its directives applied, from top to bottom, so if you have set the same property to two different values, the second will apply. (More accurately, they will both apply but the first will only apply until the second setting is read).
This file can also specifically "include" files and folders (where any *.conf file in an included folder will be included). These will be read in and merged with the main configuration at the point where the "include" statement is written. So the very last line in the main configuration file (if it is not specifying another file) will be the last line of configuration to be set, no matter what.
Debian config layout
I would highly recommend you read the opening comment in the apache2.conf file, since it will tell you all you need to know about the layout. Suffice it to say that keeping all the config in one file is very painful to maintain. The Debian package separates configuration into three categories:
sites
Sites are single configuration files for a website or web project. This could be anything: PHP, static HTML or a Java EE application deployed to an app server like GlassFish.
mods
Modules are subdivided into *.load files which load the actual libraries needed to run them, and *.conf files which have global configuration for the modules. Note that this configuration applies to every site that uses the module, so it is best to put any site/app specific module configuration in the appropriate site.conf file
conf
These files are just for any other general configuration which fits into a nice group. This could be SSL configuration like keystore and truststore locations.
When you look at the directory structure, you will see that each of these have 2 folders: *-available and *-enabled. This is because the Debian Apache package comes with 6 helper tools, a2ensite and a2dissite; a2enmod and a2dismod; a2enconf and a2disconf. The idea is that you follow these rules:
Never directly edit the apache2.conf file
only ever add or change files in the *-available folders
Use the helper tools to enable or disable sites/modules/conf files.
Answer
So to (finally) answer your question, I would do the following steps:
Enable mod_proxy_ajp
a2enmod mod_proxy_ajp
Create a new myApp.conf in sites-available. You can copy the default one, which is a good example. Assuming you have just want to forward all requests to GlassFish, you can use the default VirtualHost settings of ` which will process a request for any hostname on port 80. Use port 443 if you want to add HTTPS.
Add ProxyPass and ProxyPassReverse directives to the location of your server. If Apache and GlassFish are on the same server, it is likely you will want to use ajp://localhost:8080
ProxyPass / ajp://host_name:0000
ProxyPassReverse / ajp://host_name:0000
Note: This assumes you are using AJP. If that causes you problems, switch to HTTP by changing ajp to http above and disabling the jk-listener in GlassFish.
Once you have completed your myApp.conf configuration, remember to disable the default site:
a2dissite 000-default-site.conf
And enable your new site:
a2ensite myApp.conf
Those commands will appropriately modify the main apache2.conf and create the appropriate links in the sites-enabled folder.
That should be all you need. Now, everything that points to your hostname after the root / of the URL will be forwarded to the root context / of GlassFish.

Apache plugin not working for Let's Encrypt

I'm trying to secure my CentOS 7 VPS with Let's Encrypt. I've followed the guidelines in https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-centos-7 . I've set up virtual hosts, installed server dependencies and the Let's Encrypt client. But when I try to set up the SSL certificate with:
./letsencrypt-auto --apache -d example.com -d mail.example.com
I get the error:
The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError()
The Apache Plugin for Let's Encrypt is not working, but how do I make it work?

Same error on CentOS 7 and Apache 2.4. Checked through my configuration, had a couple of IfModule lines that were not closed with /IfModule. Apache is OK with them, but apparently certbot parser isn't. Hope this helps others.

appretnly they are a bug in the letsencrypt-auto script, you can use this command to do the job.
sudo certbot --authenticator standalone --installer apache -d <yourdomain> --pre-hook "systemctl stop apache2" --post-hook "systemctl start apache2"

This answer is not working. In my cases i checked apache config file and found the following line at the end of it <IfModule mod_ssl.c> It was not making sense. On removing it the renewal went on without a problem

I am not able to Start Apache on XAMPP on my system windows 7 32 bit

I am not able to run/start Apache through XAMPP on my system windows 7 32 bit. The problem is after installing everything is working okay but Apache is not running or starting.
Getting the following error message:-
Initializing Control Panel Windows Version: Windows 7 Ultimate 32-bit
Initializing module...
Checking for module existence...
Checking for required tools...
Checking for service (name="Apache2.4"): Service installed
error message : Apache Service detected with wrong path
Change XAMPP Apache and Control Panel settings or
Uninstall/disable the other service manually first
Found Path: "C:\Apache24\bin\httpd.exe" -k runservice
Expected Path: "c:\xampp\apache\bin\httpd.exe" -k
Checking default ports...
Executing "net start "Apache2.4""
Return code: 0
I think my system is missing Port 80 which is used by Apache server to run - even I checked it on my system but there is no such port 80 on my system.
How to resolve this issue?

Terminate/exit the programs like skype and other programs that are using the port 80 then start the appache server hope this will start the server. Once appache server start then you can start the skype or other programs. Or even you can change the port of appache server. You can follow this link for changing the server port.
How to change XAMPP apache server port?
Hop this will help you.

port 80 is a virtual port. It is being used by some other Program. Try executing netsh on command prompt.
The most common issue is skype. Refer this question to resolve it.

Apache Service detected with wrong path Change XAMPP Apache and Control Panel settings or Uninstall/disable the other service manually first Found Path: "C:\Apache24\bin\httpd.exe" -k runservice Expected Path: "c:\xampp\apache\bin\httpd.exe" -k
Your answer is on error message. The installed apache loaction is not inside the xampp folder. Try to reinstall or change the configuration.

I've encountered this issue on my Windows 10 environment. I've found that I've configured C:\xampp\apache\conf\extra\httpd-xampp.conf with a new SSLCertificateFile or SSLCertificateKeyFile in one of my virtual hosts that was not existing.
So in my httpd-xampp.conf I have the following:
## mywebsite.local config
<VirtualHost *:80>
DocumentRoot "C:/xampp/htdocs/mywebsite.local"
ServerName mywebsite.local
ServerAlias *.mywebsite.local
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "C:/xampp/htdocs/mywebsite.local"
ServerName mywebsite.local
ServerAlias *.mywebsite.local
## these lines are for my local SSL, here is the issue
SSLEngine on
SSLCertificateFile "crt/mywebsite.local/server.crt" ## this path may not exist
SSLCertificateKeyFile "crt/mywebsite.local/server.key" ## or even this line may not exist
</VirtualHost>
I've found that the path from SSLCertificateFile and SSLCertificateKeyFile doesn't exist.
I've fixed it and not it's working.
All the best!

I had the exact same issue on my system, Windows 10 64bit. I realized that I had edited the httpd.conf file in accordance with a security course I was taking and it rendered my configuration erroneous.
My fix was to uninstall XAMPP from the XAMPP uninstaller located in the XAMPP folder to completely erase all associated files as well as registry files! This was important because I had to do this once before but the uninstaller did not function properly for some reason.
Anyways, completely uninstalling it and reinstalling it leaving all the default settings made it work again. I know how it sounds... delete and re-install, but it finally got my server running, so it might serve as a solution for you and anyone who finds this post. Image of the Apache and my SQL server running without throwing errors.
Also, I found this out recently:
If you are learning to use XAMPP through a website like stackskills, the modules may not alert you to common issues. For example, if you need to change a directory, from C:/XAMPP/Apache to C:/Hacking Software/XAMPP/Apache, (notice the space and lack of underscore in the first part of the directory "HackingSoftware", XAMPP will read the first "space" as the end of an argument, and so you need to have the entire directory written in quotes like this: "C:/Hacking Software/XAMPP/Apache" or write it with underscores C:/Hacking_Software/XAMPP/Apache.
This syntax also applies to the use of the "Alias" command. See this link for more info: http://httpd.apache.org/docs/2.4/mod/core.html#directory.
Use this as a resource for other issues: http://httpd.apache.org/docs/2.4/mod/directives.html

apache php5-fpm 404 error on chroot enable

I know this particular question has been asked many times but i don't see any solving answers.
I have a mod_proxy_fcgi + php5-fpm + apache 2.4 configured on UBUNTU 14 its working perfectly fine.
i wanted to make php-fpm chrooted (So users wont access other users resource in shared env) if config:
prefix = /var/www/html/example.com/public_html/
chroot = $prefix
chdir = /
After config: if i access php script in browser i get 404 error "File not found"
If i COMMENT this above chroot config then php works again without any errors!

I don't know if a chroot is the perfect solution. A chroot not automaticly means a better security. A better way is to run every site under another user with suexec for example. Then every Customer has its own user with specified permissions only on its own folder.
A chroot is good but make some problems. The chroot is interesting if you plan to give the user an SSH entry to your system.
https://serverfault.com/questions/139826/apache-suexec-php-fpm-how-to-set-them-up

At Freenod Channel #php-fpm person named "Kiranos" helped me to solve the problem.
My setup was: Apache 2.4.7 + mod_proxy_fcgi + php5-fpm on Ubuntu 14.04
The problem was, i had TCP connection to php-fpm socket in vhost like
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/html/example.net/public_html/$1
and in php-fpm pool conf i had
chroot = /var/www/html/example.net/public_html/
Note: Since Apache 2.4.7 don't support unix socket connection i had to use TCP. While using TCP there is no need to mention complete doc path in ProxyPassMatch for chrooting.
Wrong Conf in vHost:
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/html/example.net/public_html/$1
Correct Conf in vHost:
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/$1
After doing this chroot was working..

Unable to set php_value 'soap.wsdl_cache_dir'

I have VPS server (CentOS 6.5) running Apache 2.2.4 and PHP-FPM (FastCGI Process Manager). Looking in php-fpm error_log I've noticed error with every spawn php-fpm child process:
WARNING: [pool www] child 24086 said into stderr: "ERROR: Unable to set php_value 'soap.wsdl_cache_dir'"
I couldn't find any info on this warning googling. Is anybody aware what does this mean and how to get rid of this warning?
UPDATE 1:
fastcgi.conf for apache:
User apache
Group apache
LoadModule fastcgi_module modules/mod_fastcgi.so
<IfModule mod_fastcgi.c>
DirectoryIndex index.php index.html index.shtml index.cgi
AddHandler php5-fcgi .php
# For monitoring status with e.g. Munin
<LocationMatch "/(ping|status)">
SetHandler php5-fcgi-virt
Action php5-fcgi-virt /php5-fcgi virtual
</LocationMatch>
Action php5-fcgi /php5-fcgi
Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -socket /tmp/php5-fpm.sock -pass-header Authorization
</IfModule>
# global FastCgiConfig can be overridden by FastCgiServer options in vhost config
FastCgiConfig -idle-timeout 20 -maxClassProcesses 1
And here is the php-fpm.conf and pool configuration for php:
pid = /var/run/php-fpm/php-fpm.pid
daemonize = yes
; Start a new pool named 'www'.
[www]
listen = /tmp/php5-fpm.sock
group = apache
pm = dynamic
pm.max_children = 8
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.status_path = /status
ping.path = /ping
catch_workers_output = yes
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
Everything else is on defaults.
UPDATE 2:
After manually creating /var/lib/php/wsdlcache directory as suggested and setting permissions to 770 and owner to root:apache, I hoped that I won't see the error again, but unfortunately after restarting php-fpm process the error is there again and this becomes something really very strange.
P.S. Maybe this question is more appropriate for serverfault, but generally there are more experts in php and apache configuration on stackoverflow.

I hate so trivial solutions. Finally I've found the problem and solution by myself. Leaving it here for reference for others with some pre-history.
FastCGI configuration files were taken from internet when first configuring FastCGI as I haven't used it before. Tutorials showing FastCGI configuration contained the line php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache. I became really interested what is SOAP as I don't use it on the websites that I run on this server and this curiosity brought me the solution. Actually I don't need SOAP and simply removing that line would fix the problem I guess, but I've decided to leave it there and found out that I needed simply to install php-soap.
yum install php-soap
For RHEL/CentOS
After restarting php-fpm I don't get the error on respawning fpm processes.

You're getting that message if the directory /var/lib/php/wsdlcache specified in your pool configuration doesn't exist and cannot created by the PHP worker either. Note that the PHP worker is not running as root, but as user apache (which is great for security and should be kept that way!), therefore it most likely doesn't have write permissions in /var/lib. Kepp also in mind that workers can be chrooted (your config doesn't look like you're doing it, but one can) - in that case, the directory has, of course, be inside the chroot jail.
Create that directory and modifiy the access rights so that apacheis able to read and write into it and everything should be fine.

Pretty sure you can't use php_value with (fast) CGI. You might want to look at user.ini files if using a version of PHP newer than 5.3.0 and needing PHP_INI_PERDIR ini settings.
Since PHP 5.3.0, PHP includes support for configuration INI files on a
per-directory basis. These files are processed only by the CGI/FastCGI
SAPI. This functionality obsoletes the PECL htscanner extension. If
you are using Apache, use .htaccess files for the same effect.
UPDATE: Didn't see it was pool www. As Johannes H. observes: "You can use php_value inside the pool-cofiguration of php-fpm...". My original answer only really applies for per directory tweaks. See Johannes comment below.