In the past, my web application hosted in Weblogic 12c and OHS 12c, the url is http://serverName/webName
SSL is pretty new to me, now I managed to turn on
1. SSL in Weblogic, web application can access through https://serverName:7002/webName
2. SSL in OHS virtual host on port 4443, vertified using https://serverName:4443
Now I am having challenge making my web application accessible through https://serverName:4443/webName or https://serverName/webName. Need guidance on how to edit OHS configuration (ssl.conf, mod_wl_ohs.conf, httpd.conf, etc) to achieve above.
You also need to enrich your mod_wl_ohs.conf with the following 2 directives :
SecureProxy ON
WLSSLWallet "/path/to/wallet/directory/as/defined/in/your/ssl/conf/file"
You may find more details on these directives here :
https://docs.oracle.com/cd/E28280_01/web.1111/e10144/directives.htm#CIHFAAJB
But if you would like for the "https://serverName/webName" to work, since the default port for SSL is 443, you need to change OHS listening port from 4443 to 443 inside ssl.conf
Related
I want to setup SSL Apache HTTPD -> SSL Weblogic Managed Server.
While opening UI via https Apache HTTPD, getting backend server not available.
Note :
I have ssl module and related modules enabled on httpd end. Weblogic Managed Server SSL is also working because we deployed a middleware component and able to fetch the data from postman/soap UI/curl using https Weblogic Managed server IP and port with API of middleware.
I am able to implement SSL Apache HTTPD -> Non SSL Weblogic Managed Server and can able to open UI with https Apache HTTPD.
I have hosted website with a different port like http://example.com:8888
Its working fine but when I try to access with HTTPS(https://example.com:8888) it's giving me ERR_SSL_PROTOCOL_ERROR (This site can’t provide a secure connection)
I am using XAMPP and I have also configured an SSL certificate.
Please help me to configure with HTTPS.
You need to enable ssl in the VH listening on the new port
SSLEngine On
and you have to provide all the proper configurations required such as the keyfile, and the certificate file.
Official doc: https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html
I've created another instance of Tomcat(port: 81) to run a different application in a server. Tomcat is running successfully but I want to run apache web server on top of it. So, I copied existing apache in another folder and configured to the another instance of tomcat. I'm facing below error. Your help will be greatly appreciated.
enter image description here
It would appear that both instances are configured to also listen for https connections on the default port (443), i.e. while you may have configured them to listen on different http ports (i.e. 80 and 81), you haven't done the same for https.
First, something else is already using that 443 port, so try 8443.
Also, technically, you can install Tomcat twice using different service names, but why. The beauty of Tomcat is using one installation for multiple applications.
Tomcat is intended to support multiple apps. With a .war file you simply upload your .war file to web apps folder. Tomcat will automatically extract the war file.
To run app as ROOT application, delete the ROOT folder in Tomcat. Rename the .war file for the app you want to install to ROOT.war, it will extract to ROOT folder and you will access it from http://servername:8080, if you kept the default settings of the tomcat connector.
Now, to add a second application, copy a .war file to Tomcat webapps folder, with a different name other than ROOT.war, such as example.war. It will automatically extract the .war file into an example folder. To access that application, go to http://servername:8080/example. You will not have two Tomcat connectors for port 8080, just the 1, and you will access non-ROOT webapps via a context path.
Option 1:
If you want to use TLS in Tomcat, you need to uncomment the 8443 connector in Server.xml. You also need to create a keystore, and put in that keystore information in Server.xml to allow TLS.
Option 2(Doesn’t work with option 1, unless you pick a different port):
If you want a web server with TLS, then set Apache Web Server to listen on 8443, which will also require creating a key store and virtual host file in Apache Tomcat, but leave the Tomcat port at 8080 as it normally would be. Then use virtual host settings on Apache Web Server to proxy to the Tomcat apps (jumping from 8443 to the 8080 ports on the same host with Tomcat only listening on 127.0.0.1 or different hosts with proper network separation so people can’t get around the Web Server). Apache2 would be listening at the Web
Server FQDN.
Example:
Skip the Apache Web Server, and use different context path settings (as needed) for each tomcat application on the single 8443 port. (Make sure Apache2 is no longer using 8443).
ROOT app:
User—>https://servername:8443
App2:
User—>https://servername:8443/app2
Using Apache Web Server, you would proxy from port 8443 to 8080. Apache Web Server listening on 8443, Tomcat listening on 8080. TLS encryption would be at the Web Server. The connection between the Apache2 and Tomcat would be unencrypted on the same server.
This is a pretty thorough example of reverse proxy:
https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension
User—>https://servername:8443–>http://localhost:8080
Using this guide I managed to access my server from remote hosts. However, now I want to enable SSL on my server and I know that there is an option in the configuration to enable SSL but the https URL added is on localhost. How do I do the same as in the tutorial but with SSL, just add another binding but with port 443? or is there something more to it.
Thanks.
In a server hosting a website address.com (managed with drupal) with an apache2 server (running on port 8080) I would like to install a webservice (tomcat7 / axis2) which runs on the same port 8080. Is there a way do it? There're also svn, trac running on that port. Unfortunately, due to security restrictions, that's the only port accessible externally.
Thank you
You can absolutely expose multiple services on the same port, as long as they all live in distinct URL namespaces. For example, you're already running Trac and svn on port 8080, so obviously you are already doing exactly what you're asking about.
To add Tomcat to the mix, you would typically:
Run Tomcat locally on another port, and then
Use ProxyPass and ProxyPassReverse to expose the Tomcat service via your webserver on port 8080.
For example, if you wanted to make your Tomcat instance visible at http://myserver:8080/tomcat, you might add something like this to your Apache configuration:
ProxyPass /tomcat/ http://localhost:8888/
ProxyPassReverse /tomcat/ http://localhost:8888/
You can read more about these directives here. Note that you may need to perform additional configuration of your Tomcat application to reflect the fact that it is externally visible at /tomcat/.
You can also potentially take advantage of virtual hosting, assuming that you control DNS for this system; in that case, you can have:
http://myserver-trac:8080/
Lead to a different VirtualHost configuration than:
http://myserver-tomcat:8080/
You can read more about name-based virtual hosting here.
When you install the webservice listening on another port (at localhost), you can use Apache as a proxy (using mod_proxy) to access that service.
Maybe usefull: How to rewrite / proxy an Apache URI to an application listening on a specific port / server?