Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
sudo systemctl restart apache2

RedHat 7 & Centos 7


yum install mod_ssl

Enable proxy_wstunnel

Edit /etc/httpd/conf.modules.d/00-proxy.conf

...

Code Block
<VirtualHost *:443>
        ServerName example.opmantek.com

        SSLEngine on
        SSLProxyEngine On
        ProxyRequests Off

        SSLCertificateFile    /etc/ssl/certs/example/cert.pem
        SSLCertificateKeyFile /etc/ssl/certs/example/privkey.pem
        SSLCertificateChainFile /etc/ssl/certs/example/fullchain.pem

        RequestHeader set X-Forwarded-Proto "https"

		# Proxy the websocket connection
        ProxyPassMatch ^(\/(en|es)\/omk\/opEvents\/ws\/.*)$  ws://localhost:8042/$1
		# Proxy the rest of the application
        ProxyPass /en/omk http://localhost:8042/en/omk
retry=5        ProxyPass /es/omk http://localhost:8042/es/omk
        ProxyPass /omk http://localhost:8042/omk
        ProxyPassReverse / http://localhost:8042/
		ErrorDocument 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>'

</VirtualHost>
<VirtualHost *:80>
    ServerName example.opmantek.com
    Redirect 301 / https://example.opmantek.com/
</VirtualHost>

...

NameValueExampleApache Docs
ServerNameFQDN of the server which users will refer to it bymonit-prod.opmatek.comhttps://httpd.apache.org/docs/2.4/vhosts/name-based.html
SSLCertificateFileServer PEM-encoded X.509 certificate data file or token identifie/etc/ssl/certs/example/cert.pemhttps://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatefile
SSLCertificateKeyFileServer PEM-encoded private key file/etc/ssl/certs/example/privkey.pemhttps://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile
SSLCertificateChainFile(Before apache 2.4.8) File of PEM-encoded Server CA Certificates/etc/ssl/certs/example/fullchain.pemhttps://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile
Redirect 301HTTPS url of the server which your users refer to byhttps://example.opmantek.com/


Testing the config


Then restart Apache

Code Block
sudo systemctl restart httpd

...