I'm trying to get an SVN server up and running. CentOS 6.4, apache 2.2.15. More importantly, I need to have it running on https only. So I figure that I'll get ssl running first, as I've already tested it on port 80, and SVN works the way I want it to.
In /etc/httpd/ssl, I have ..
intermediate.crt wildcard.mycompany.com.crt wildcard.mycompany.com.key
We bought a wildcard certificate from GeoTrust, and I downloaded the intermediate.crt from their website. In /etc/httpd/httpd.conf, I have..
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin my.email#mycompany.com
ServerName hostname.mycompany.com
ErrorLog logs/error_log
CustomLog logs/access_log common
Redirect permanent / https://hostname.mycompany.com
</VirtualHost>
<VirtualHost hostname.mycompany.com:443>
SSLEngine On
SSLCertificateFile /etc/httpd/ssl/wildcard.mycompany.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/wildcard.mycompany.com.key
SSLCertificateChainFile /etc/httpd/ssl/intermediate.crt
ServerName hostname.mycompany.com
ServerAdmin my.email#mycompany.com
ErrorLog logs/subversion-error_log
CustomLog logs/subversion-access_log common
</VirtualHost>
I can connect to the server, but my browser tells me that the certificate is untrusted. So I'm guessing that there's an error in the permissions, or perhaps in the format of the file?
I can't see anything in the logs.
I set this up at home on my own server, but wasn't using a wildcard certificate.
Anyone care to advise as to what's gone wrong?
Thanks.
Related
I have just configured my server with an open-source ALM tool, e.g. ZenTao. Now I need to edit httpd.conf to visit it through my domain with https, but I don't know-how, could someone help with that?
I am using Ubuntu 18.04 LTS (GNU) and I have already applied for a certificate for my domain from Letsencrypt.
If you want to make your https work for your ZenTao domain, you should provision your httpd.conf with port 443 details, which you could refer to the following,
DocumentRoot and Directory should be your /zentao/www root,
And you should configure with your SSL certificates in it as well,
<VirtualHost *:443>
ServerName *.xxx.com
ServerAlias *.xxx.com
DocumentRoot "/zentaoalm/www/"
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/xxx.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/xxx.com.key
SSLCertificateChainFile /etc/apache2/ssl/xxx.com.pem
<Directory "/zentaopms/www">
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
I have my NodeJS application running on example.com:3000. Obviously, this would be unpresentable to have to tell a user to type in :3000. I want it running on example.com, and I cannot set Node to :80 since my Apache PHP front end is on :80.
I am running CentOS 8. I created a file called proxy.conf in /etc/httpd/conf.d and dropped the following lines in it.
<VirtualHost *:80>
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
ProxyRequests On
ProxyPass / http://localhost:3000
ProxyPassReverse / http://localhost:3000
</VirtualHost>
But, it's just going to my regular non node page.
The question is, how does apache know you when you want the PHP server, or when you want the Node server. You need to split them by ServerName.
You need a ServerName attribute so that apache knows to send that VirtualHost to the other process.
<VirtualHost *:80>
// PHP Server
ServerName example.com www.example.com
</VirtualHost>
<VirtualHost *:80>
// Node Server
ServerName node.example.com
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
ProxyRequests On
ProxyPass / http://localhost:3000
ProxyPassReverse / http://localhost:3000
</VirtualHost>
Additionally, you will have to put node.example.com within DNS.
I've read several posts like mine, but none of them seem to work.
I've got a regular apache config on CentOS 7 with a working website, both HTTP and HTTPS (certbot).
I have another service with a web port of `:3000 and i'd like to have it work as such:
http(s)://example.com (regular website content)
http(s)://example.com/new_site (the service on port 3000)
I've got the website set up as a virtual host with a custom webroot in /var/www/example.com/docroot
This is my current working config. I realized that the connection between the localhost does not need to be HTTPS, just the incoming requests:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
ProxyPass /my_site http://localhost:3000
ProxyPassReverse /my_site http://localhost:3000
ErrorLog /var/log/httpd/my_vhost_log
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
</VirtualHost>
</IfModule>
I also cleared up permissions issues by enabling the httpd_can_network_connect SELinux boolean.
UPDATE:
My issue now is that the above config overwrites my regular website content, so if you go to the https://example.com, it will just show the Apache welcome page, rather than the content in the /var/www/example.com/docroot.
Main config:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/docroot
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
</VirtualHost>
</IfModule>
In the event that anyone comes across this,
The fix is simply to add the Proxy lines to your main domain config. You only need a single config file.
I want to add a subdomain api.example.com on Apache2.
Here is my configuration file for the domain.
<VirtualHost *:80>
ServerName api.winity.pw
ServerAdmin webmaster#winity.pw
DocumentRoot /var/www/api
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
I tried to access it without working, here is my DNS configuration on CloudFlare
When I try to access it, I find myself in the /var/www/public directory and not /var/www/api.
First when asking here.
Google the question
Search on StackOverflow
Make a relevant title for you Create subdomain in Apache2
Specify your operating system not your type of server**
Use 443 port over SSL by changing <VirtualHost *:80> to <VirtualHost *:443>.
If you receive an HTTP 525 - SSL Handshake failed error from CloudFlare, use Flexible SSL option.
This append when you use Full SSL and you don't have a valid SSL certificat on your server.
For fix this issue, change the SSL option to Flexible.
I have two local web site project, localgoogle.com and localapple.com.
localgoogle.com files are in /home/vahid/dev/localgoogle
localapple.com files are in /home/vahid/dev/localapple
My OS is debian 8.5, I have apache2 installed.
I made /etc/apache2/sites-available/localgoogle.com.conf
and /etc/apache2/sites-available/localapple.com.conf
both linked to /etc/apache2/sites-enabled and enabled by a2ensite command.
This is localgoole.com.conf:
<VirtualHost *:80>
ServerName localgoogle.com
ServerAdmin webmaster#localgoogle.com
DocumentRoot /home/vahid/dev/localgoogle
ServerAlias www.localgoogle.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
localapple conf file follow above configuration rule.
I restarted apache2 service, but I don't know why and how to access this virtualhosts from browser!
I tried localhost/localgoogle.com in browser but It's return Not Found
You access the site directly as localgoogle.com from your browser. Make sure that the name resolves to your local ip address using hosts file or dns.