How to install mod_ssl for Apache httpd? - apache

Ok
So I installed Apache httpd a while ago and have recently come back to it to try setup SSL and get it serving several different tomcat servers.
At the moment I have two completely separate Tomcat instances serving up to slightly different versions (one for dev and one for demo say) my web app to two different ports:
example.com:8081
example.com:8082
I've successfully (back in Jan) used mod_jk to get httpd to serve those same Tomcat instances to http://www.example.com:8090/dev and http://www.example.com:8090/demo (8090 cos I've got another app running on 8080 via Jetty at this stage) using the following code in httpd.conf:
LoadModule jk_module modules/mod_jk.so
JkWorkersFile conf/workers.properties
JkLogFile logs/mod_jk.log
JkLogLevel debug
<VirtualHost *:8090>
JkMount /devd* tomcatDev
JkMount /demo* tomcatDemo
</VirtualHost>
What I'm not trying to do is enable SSL.
I've added the following to httpd.conf:
Listen 443
<VirtualHost _default_:443>
JkMount /dev* tomcatDev
JkMount /demo* tomcatDemo
SSLEngine on
SSLCertificateFile "/opt/httpd/conf/localhost.crt"
SSLCertificateKeyFile "/opt/httpd/conf/keystore.key"
</VirtualHost>
But when I try to restart Apache with apachectl restart (yes after shutting down that other app I mentioned so it doesn't toy with https connections) I continuously get the error:
Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configuration. httpd not running, trying to start
I've looked in the httpd/modules dir and indeed there is no mod_ssl, only mod_jk.so and httpd.exp.
I've tried using yum to install mod_ssl, it says its already installed. Indeed I can locate mod_ssl.so in /usr/lib/httpd/modules but this is NOT the path to where I've installed httpd which is /opt/httpd and in fact /usr/lib/httpd contains nothing but the modules dir.
Can anyone tell me how to install mod_ssl properly for my installed location of httpd so I can get past this error?

I found I needed to enable the SSL module in Apache (obviously prefix commands with sudo if you are not running as root):
a2enmod ssl
then restart Apache:
/etc/init.d/apache2 restart
More details of SSL in Apache for Ubuntu / Debian here.

Are any other LoadModule commands referencing modules in the /usr/lib/httpd/modules folder? If so, you should be fine just adding LoadModule ssl_module /usr/lib/httpd/modules/mod_ssl.so to your conf file.
Otherwise, you'll want to copy the mod_ssl.so file to whatever directory the other modules are being loaded from and reference it there.

Try installing mod_ssl using following command:
yum install mod_ssl
and then reload and restart your Apache server using following commands:
systemctl reload httpd.service
systemctl restart httpd.service
This should work for most of the cases.

I used:
sudo yum install mod24_ssl
and it worked in my Amazon Linux AMI.

I don't know if it is still of interest and if things have changed ever since the thread has been posted, but the /etc/apache2/apache2.conf on my system says:
Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
directories contain particular configuration snippets which manage modules,
global configuration fragments, or virtual host configurations,
respectively.
They are activated by symlinking available configuration files from their
respective *-available/ counterparts. These should be managed by using our
helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
their respective man pages for detailed information.
And on my system the modules are installed in /usr/lib/apache2/modules.
I am running Ubuntu 20.04.2 LTS.

Related

Wildfly, Tomcat, Apache and Subdomains

I have an Ubuntu server in AWS that is running multiple application servers -- a Wildfly serving up some pages and two Tomcats running a separate app.
I am trying to get subdomains working.
I have DNS's set up to point subdomain1.example.com, subdomain2.example.com. That works fine.
Wildfly is listening on port 80 (I think?), the Tomcats are listening on 8080 and 8090. The goal is to have www.example.com go to Wildfly, subdomain1.example.com go to Tomcat : 8080 and subdomain2.example.com go to Tomcat : 8090
I've found numerous posts that talk about setting up virtual hosts in Apache that should solve my problem. But I keep getting sent down rabbit holes. Some suggest adding to /opt/bitnami/apache2/bin/httpd.config and some suggest putting it in /opt/bitnami/apache2/sites-available/subdomain1.example.com.conf
My first issue: I don't think that Apache is even running. I was under the impression that Apache was baked into Wildfly, but when I execute:
service apache2 status
I get:
apache2.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)
Running sudo service --status-all also doesn't show it running so I think that it is not. It seems to be installed (Bitnami stack) in /opt/bitnami/apache2
Do I have to turn Apache on as part of Wildfly (and how to turn it on)? If I do, then I would assume that Wildfly is no longer getting traffic.
Second - my research tells me I need i need to enable proxy and proxy_http using a2enmod and a2ensite but I don't have these. Research suggests that all Ubuntu's will have those scripts... do they get created if I turn on Apache?
Sorry for all the noob questions.... I'm a developer without a DevOps guy. This seems like it would so common it would be baked in or there would be a definite solution that I am probably missing.
For those looking for something similar, here is the solution that worked for me.
My server is a Wildfly-Apache2-MySQL AMI image on AWS. I did not need to use a2enmod nor a2ensite as my research suggested. It seems many of those modules are already enabled by the pre-built image.
NOTE THESE INSTRUCTIONS ARE BITNAMI AWI SPECIFIC - YOUR FLAVOR CONFIGURATION MAY BE SLIGHTLY DIFFERENT
To have a subdomain point to a simple Apache text site (yada.example.com):
Create a directory in ~/stack/apache2/htdocs called yada
Add an entry to the virtual hosts configuration file (sudo nano /opt/bitnami/apache2/conf/extra/httpd-vhosts.conf)
<VirtualHost *:80>
ServerAdmin info#example.com
DocumentRoot "/opt/bitnami/apache2/htdocs/yada"
ServerName yada.example.com
ErrorLog "logs/yada-subdomain-error-log"
CustomLog "logs/yada-subdomain-access-log" common
</VirtualHost>
Modify the Apache configuration file to include the virtual hosts. (sudo nano /opt/bitnami/apache2/conf/httpd.conf):
...snip...
# Supplemental configuration
#
# The configuration files in the conf/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.
...snip...
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
# ADDED THE ABOVE LINE
...snip...
Restart Apache (sudo /opt/bitnami/ctlscript.sh restart apache)
To make it point to a Tomcat server, add this to the httpd-vhosts.conf:
<VirtualHost *:80>
ServerAdmin info#example.com
ServerName yada.example.com
ProxyPreserveHost On
# setup the proxy
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / http://localhost:8090/
ProxyPassReverse / http://localhost:8090/
</VirtualHost>
Your port may differ.
FYI, I found this helpful: https://docs.bitnami.com/virtual-machine/components/apache/#how-to-configure-your-web-application-to-use-a-virtual-host
Good luck and shout out to #stdunbar for his guidance.

How do I deploy a golang app with Apache installed on Ubuntu 16.04 on digitalocean?

I am learning Go at the moment and I have built really simple webapps following some tutorials with the net/http package. I have created a simple wishlist, where I add an item and than it does to a simple table of things I want, pretty simple.
Now I want to deploy this app to my Digital Ocean droplet, but I just don't know how. I have some php websites with different domains already with Apache behind it.
I am really a begginer on this "servers configuration" thing, usually with php is pretty easy on webhosts and I didn't need this much experience. Can you point me on the right direction to make my Go app available at a domain I own, without the ports bit? Preferably with Apache.
Thanks :)
Note: Almost everything in this answer needs to be customized to your specific circumstances. This is written with the assumption that your Go app is called "myapp" and you have made it listen at port 8001 (and many others).
You should make a systemd unit file to make your app start up automatically at boot. Put the following in /etc/systemd/system/myapp.service (adapt to your needs):
[Unit]
Description=MyApp webserver
[Service]
ExecStart=/www/myapp/bin/webserver
WorkingDirectory=/www/myapp
EnvironmentFile=-/www/myapp/config/myapp.env
StandardOutput=journal
StandardError=inherit
SyslogIdentifier=myapp
User=www-data
Group=www-data
Type=simple
Restart=on-failure
[Install]
WantedBy=multi-user.target
For documentation of these settings see: man systemd.unit, man systemd.service and man systemd.exec
Start it:
systemctl start myapp
Check that it is ok:
systemctl status myapp
Enable automatic startup:
systemctl enable myapp
Then it is time to configure Apache virtualhost for your app. Put the following in /etc/apache2/sites-available/myapp.conf:
<VirtualHost *:80>
ServerName myapp.example.com
ServerAdmin webmaster#example.com
DocumentRoot /www/myapp/public
ErrorLog ${APACHE_LOG_DIR}/myapp-error.log
CustomLog ${APACHE_LOG_DIR}/myapp-access.log combined
ProxyPass "/" "http://localhost:8001/"
</VirtualHost>
Documentation of the proxy related settings: https://httpd.apache.org/docs/2.4/mod/mod_proxy.html
Enable the configuration:
a2ensite myapp
Make sure you did not make mistake in Apache configuration:
apachectl configtest
In case the proxy modules are not previously enabled you will get an error at this point. In that case enable the proxy modules and try again:
a2enmod proxy
a2enmod proxy_http
apachectl configtest
Reload Apache configuration:
systemctl reload apache2
Remember to make the name myapp.example.com available in DNS.
That's it!
EDIT: Added pointers to documentation and instructions for enabling Apache modules if needed. Use apachectl for config test.

Invalid Command 'RewriteEngine' but mod_rewrite is enabled

I am setting up a gitlab site with this conf file
But this error arise:
Invalid command 'RewriteEngine', perhaps misspelled or defined by a module not included in the server configuration
I have install apache 2.4.20 from source. And forgot that I have installed 2.4.7 with apt-get. Right now apache -v shows 2.4.7 though.
I have followed a lot of solutions but they do not work:
Inside the httpd.conf file uncomment the line LoadModule rewrite_module modules/mod_rewrite.so (remove the pound '#' sign from in front of the line)
Apache2 ProxyPass for Rails App Gitlab
I have check the rewrite modules and it is there; a2enmod rewrite is enabled and service apache2 restart worked without the gitlab.conf file.
But with gitlab.conf, this error appear Invalid command 'RewriteEngine'?
I am having the same issue using Vagrant to setup a VM.
I finally resolved this by setting the ip for the client in the Vagrantfile configs:
config.vm.network :private_network, ip: "192.168.68.8"
Then adding to the local /etc/hosts file:
192.168.68.8 namespace.dev

setting up passenger: keeps showing apache default page instead

I am trying to get passenger to work but i keep seeing the apache default page instead. I am using centos 6.3 on an inmotion VPS. Here is what I've done so far:
gem install passenger.
rvmsudo passenger-install-apache2-module
pasted the following code into /usr/local/apache/conf/includes/post_virtualhost_global.conf (this gets loaded into httpd.conf)
LoadModule passenger_module /home/username/.rvm/gems/ruby-1.9.3-p194/gems/passenger-3.0.17/ext/apache2/mod_passenger.so
PassengerRoot /home/username/.rvm/gems/ruby-1.9.3-p194/gems/passenger-3.0.17
PassengerRuby /home/username/.rvm/wrappers/ruby-1.9.3-p194/ruby
<VirtualHost 123.123.123.123:80>
ServerName http://XXXXXX.inmotionhosting.com
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /home/username/rails/current/public
<Directory /home/username/rails/current/public>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>
edit: not sure why this isnt formatting properly. its lined and tabbed fine in the text editor.
in etc/hosts there is the line:
123.123.123.123 XXXXXX.inmotionhosting.com XXXXXX
i restarted apache via sudo service httpd restart in /etc/init.d
still shows apache default page
Any ideas? thanks
I stumbled upon this 1 year old post for the similar problem but none of the comment worked for me. So I'm just adding my 2 cents for those who are looking for some help.
If you are seeing Apache default page, it means that phusion passenger is probably not running. You might have seen a warning message when you started/stopped/restarted the apache server that says the phusion passenger module is already loaded, skipping.
So Apache has skipped the most recent LoadModule line you added in the conf file.
Then check the error.log which is in the directory set for error log in apache config file. (httpd.conf for centos)
In my case, it was complaining that it couldn't find the watchdog in the directory set in PassengerRuby. This confirms that the passenger module loaded is NOT what I just added. This might have happened because I am using RVM now but also installed an old version of Passenger a while ago as a root. So I looked at the config.d directory under Apache root, there was a file "passenger.conf" that was loading the old version of Passenger.
I deleted the file, kept the new LoadModule as is - copied from the instruction Phusion Passenger gave me while installing apache2-module, restarted the apache server, no warning message, and passenger worked.

Not able to configure mod_JK in HTTPD.CONF file for load balancing

I am not able to configure the apache load balancer with mod_jk. Each time I channge httpd.conf file apache server doesnot start.
Here is the scenario:
I have 2 apache tomcat instance, Tomcat and tomcat2 and both are running on different ports.
I would like to establish a load balancer for these two instances with apache mod_jk:
I have downloded mod_jk.so file and places in modules folder.
Below configuration I am trying to httpd.conf file:
LoadModule jk_module modules/mod_jk.so
AddModule mod_jk.c
JkWorkersFile conf/workers.properties
JkLogFile log/httpd/mod_jk.log
JkLogLevel info
mod_jk loadbalancer
JkMount /examples/* loadbalancer
Here is my workers.propertise file:
# Define list of workers that will be used
worker.list=loadbalancer
# Define Node1
worker.node1.port=8009
worker.node1.host=localhost
worker.node1.type=ajp13
worker.node1.lbfactor=1
worker.node1.cachesize=10
# Define Node2
worker.node2.port=8010
worker.node2.host=localhost
worker.node2.type=ajp13
worker.node2.lbfactor=1
worker.node2.cachesize=10
# Load-balancing behaviour
worker.loadbalancer.type=lb
worker.loadbalancer.balance_workers=node1,node2
worker.loadbalancer.sticky_session=1
# Status worker for managing load balancer
worker.status.type=status
I am not sure, what is wrong here. May be I am adding the mod_jk conf in httpd.conf file at wrong place.
Can anybody guide. Any sample working HTTPD.CONF file will be great.
Thanks you for the help.
-Santosh
Issue resolve:
I was using the mod_jk.so file compatible with apache version 2.0 and Apache webserver 2.2.
I have downloaded the mod_jk.so file compatible for 2.2 version and now everything is working fine.
You can check detailed error by option:
c:/your_apache_dir/bin> httpd.exe -D mod_jk
Thanks for your help.
JkWorkersFile "conf/workers.properties" this should be this way and also do check for the mod_jk compatibility.