How to enable HTTPS on superset using apache configuration
Related
I am developing with WebSockets, and made a working web application running on Tomcat 8. However, when testing with Apache 2 in front of it, the client is getting an HTTP 500 and the Tomcat log says:
java.lang.UnsupportedOperationException: HTTP upgrade is not supported by the AJP protocol
at org.apache.coyote.ajp.AbstractAjpProcessor.action(AbstractAjpProcessor.java:587)
at org.apache.coyote.Request.action(Request.java:379)
at org.apache.catalina.connector.Request.upgrade(Request.java:1886)
at org.apache.catalina.connector.RequestFacade.upgrade(RequestFacade.java:1114)
at org.apache.tomcat.websocket.server.UpgradeUtil.doUpgrade(UpgradeUtil.java:231)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:77)
This worked when accessing Tomcat directly through its HTTP connector. If this is not supported with AJP, is there a workaround?
Use Apache module mod_proxy_wstunnel:
sudo a2enmod mod_proxy_wstunnel
Then use it to let WebSocket connections through by adding this to apache.conf:
ProxyPass "/ws2/" "ws://localhost:8180/ws"
And make sure you have enabled an HTTP connector in Tomcat by using <Connector protocol="HTTP/1.1" port="8180" ...> in server.xml.
I've installed Nginx as a reverse proxy in front of my existing apache server. All my requests are routed from Nginx server to Apache.
Can I disable mod_setenvif in my apache server?
Web<->Nginx<->Apache
You can disable mod_setenvif if you are not using any of the functionality provided by that module: the BrowserMatch, BrowserMatchNoCase, SetEnvIf, and SetEnvIfNoCase directives. Nginx has nothing to do with it.
The document is not clear. How to install certificate and etc in localhost?
force-ssl
This package causes Meteor to redirect insecure connections (HTTP) to a secure URL (HTTPS). Use this package to ensure that communication to the server is always encrypted to protect users from active spoofing attacks.
To simplify development, unencrypted connections from localhost are always accepted over HTTP.
Application bundles (meteor bundle) do not include an HTTPS server or certificate. A proxy server that terminates SSL in front of a Meteor bundle must set the standard x-forwarded-proto header for the force-ssl package to work.
Applications deployed to meteor.com subdomains with meteor deploy are automatically served via HTTPS using Meteor's certificate.
I've slogged through setting up an Apache reverse proxy that terminates SSL in front of Meteor, and wanted to document that here as well.
I added the following to the config file for the SSL virtual host:
<VirtualHost _default_:443>
ServerName server.domain.com
## SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
## Proxy to port 3000 for Meteor apps
SSLProxyEngine On
ProxyRequests Off # Disable forward proxying
ProxyPass / http://localhost:3000
ProxyPassReverse / http://localhost:3000
## Your other SSL config directives such as certificates, etc.
</VirtualHost>
You do not need to install certificates on localhost. As it says "To simplify development, unencrypted connections from localhost are always accepted over HTTP.", which means that you can develop and test the application without using SSL and without installing certificates. Just run you application and access it with http://localhost:3000 as usual.
If you are talking about installing certificates for publicly facing applications it is probably best to use a reverse proxy server such as nginx and install the certificates for that server. http://wiki.nginx.org/HttpProxyModule
I have this configuration:
HTTPS load balancer / SSL offloader on port 443
Apache httpd on port 80 (different IP), using ProxyPass, ProxyPassReverse to forward to...
multiple Glassfish domains listening on different ports
Problem: Neither Glassfish nor Apache is aware that the request is HTTPS. Redirects to URLs like "/index.jsp" are being rewritten in Glassfish as http://internal_ip/index.jsp, then ProxyPassReverse rewrites to http://public_ip/index.jsp. Problem is, I need that URL to be http*s*://public_ip/...
How do I fix that - is there some Glassfish configuration I can change, or Apache httpd.conf?
I see two solutions to that:
1) use your loadbalancer to manipulate apaches response (iRule in F5, flex for A10 loadbalancers etc.)
2) set up something on the loadbalancer to send another redirect to requests coming in via HTTP to use HTTPS
I have Apache running and serving PHP but I will also like to run JBOSS for my other web app. JBOSS is running on port 8080 while Apache is running on port 80. If there is a request for URL example.com, I want Apache to handle it because it is PHP backend but for URL example2.com, I want Apache to forward the request to port 8080 to be handled by JBOSS AS.
I appreciate any help in configuring Apache in the way I described it.
You need to use Apache proxy module: http://httpd.apache.org/docs/1.3/mod/mod_proxy.html
Your configuration of proxy will look similar to:
ProxyRequests Off
ProxyPass /foo http://foo.example.com:8080/foo