Thursday, November 8, 2007

How to Install Apache2 for SSL and Load Balancing

sudo apt-get install apache2
I chose the default file serving location and changed its ownership for my convenience...
sudo chown richard:richard /var/www

Ubuntu (both Feisty Fawn and Gutsy Gibbon) is missing the apache2-ssl-certificate script. You can find it here (the download is called Apache2-ssl.tar.gz):

Do this after you've extracted the files:

sudo mv ssleay.cnf /usr/share/apache2
sudo mv apache2-ssl-certificate /usr/sbin
sudo mkdir /etc/apache2/ssl

Don't do this (because a2enmod and a2ensite really screws things up!):

(But it could be useful for other websites.)

Do this:

sudo apache2-ssl-certificate -days 365
sudo echo "Listen 443" | sudo tee -a /etc/apache2/ports.conf

Add the following to /etc/apache2/httpd.conf (substituting the appropriate IP address, server name, application name, etc.):

LoadModule proxy_module /usr/lib/apache2/modules/
LoadModule proxy_http_module /usr/lib/apache2/modules/
LoadModule rewrite_module /usr/lib/apache2/modules/
LoadModule ssl_module /usr/lib/apache2/modules/

RewriteEngine on
ProxyRequests off
DocumentRoot /var/www
RewriteRule ^/(.*)$ https://%{SERVER_NAME}/$1 [L,R]

RewriteEngine on
ProxyRequests off
ProxyPreserveHost on
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
DocumentRoot /var/www/ssl
ProxyPass /seaside/go http://localhost:9090/seaside/go
ProxyPassReverse /seaside/go http://localhost:9090/seaside/go
RewriteRule ^/$ http://localhost:9090/seaside/go/$1 [P,L]

I chose to put all my SSL-specific stuff in the ssl folder:
mkdir /var/www/ssl

sudo /etc/init.d/apache2 restart

This is very useful for load balancing:

No comments: