We did the same for Windows, hope the following helps u in certain way
Steps to use Apache web server to cater all browser request for Ofbiz
application on Windows OS
Steps
a. I had chosen the path as D:\ApacheWebServer
b. Open httpd.conf file present in “D:\ApacheWebServer\bin” folder and
perform below mentioned changes in it
i. Enable below mentioned modules
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
ii. Enable below mentioned includes
Include conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-ssl.conf
iii. Add below mentioned lines at the end of httpd.conf file
<Proxy balancer://live-http>
BalancerMember ajp://localhost:8009 route=APP01
connectiontimeout=20 timeout=300
</Proxy>
<Proxy balancer://live-https>
BalancerMember ajp://localhost:8009 route=APP01
connectiontimeout=20 timeout=300
</Proxy>
c. Open httpd-vhosts.conf file present in “D:\ApacheWebServer\conf\extra”
folder and do mentioned changes in it
i. Add mentioned lines immediately above the NameVirtualHost*:80 directive
ProxyRequests Off
<Proxy *>
AddDefaultCharset off
Order deny,allow
Allow from all
</Proxy>
ProxyVia On
ii. Modify ServerName to be ‘localhost’ and add ProxyPass entry within
VirtualHost tag. Sample is shown below
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot "D:/ApacheWebServer/docs/dummy-host. hardik.in "
ServerName localhost
ServerAlias www.dummy-host. hardik.in
ErrorLog "logs/localhost-error.log"
CustomLog "logs/localhost-access.log" common
ProxyPass / balancer://live-http/
</VirtualHost>
d. Open httpd-ssl.conf file present in “D:\ApacheWebServer\conf\extra”
folder and do mentioned changes in it
i. Change Virtual Host tag from <VirtualHost _default_:443> to
<VirtualHost *:443>
ii. Modify ServerName entry to be localhost:443
iii. Add ProxyPass entry just before the end of <VirtualHost> tag.
ProxyPass / balancer://live-https/
Final <Virtual Host> tag should look like
<VirtualHost *:443>
DocumentRoot "D:/ApacheWebServer/htdocs"
ServerName localhost:443
ServerAdmin admin@ hardik.in
ErrorLog "D:/ApacheWebServer/logs/error.log"
TransferLog "D:/ApacheWebServer/logs/access.log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "D:/ApacheWebServer/conf/server.crt"
SSLCertificateKeyFile "D:/ApacheWebServer/conf/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "D:/ApacheWebServer/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "D:/ApacheWebServer/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ProxyPass / balancer://live-https/
</VirtualHost>
e. Now we have to generate a security certificate for Apache SSL.
We will use OpenSSL utility which comes bundled with Apache installation.
OpenSSL utility presence can be checked by checking the presence of
‘openssl.exe’ file in “D:\ApacheWebServer\bin” folder
i. Open command and move to “D:\ApacheWebServer\bin” folder
ii. Run below mentioned command
openssl req -new -x509 -nodes -config D:/ApacheWebServer/conf/openssl.cnf -days
60 -out D:/ApacheWebServer/conf/server.crt -keyout
D:/ApacheWebServer/conf/server.key
This will ask some basic
certificate related questions. Make sure that “Common Name” should be given as
“localhost”. Here certificate validity duration is given as 60 days
This will generate two files “server.crt” and “server.key” files in
“D:\ApacheWebServer\conf” folder. Path of these files are already been
configured in httpd-ssl.conf file in ‘SSLCertificateFile’ and
‘SSLCertificateKeyFile’ attributes
f. Changes related to Apache web sever are done. Restart the Apache web
server. If Apache server does not start successfully then please check all
configuration whether these are being done correctly or not
Now we have to tell Ofbiz to start picking up Browser requests (http and https)
from Apache. Perform below mentioned steps
a. Open url.properties file (present in
D:\ofBiz\framework\webapp\config(wherever u have kept ur Ofbiz ) folder) and
change http and https port to 80 and 443 respectively
b. Open ofbiz-containers.xml file (present in
D:\ofBiz\framework\base\config folder) and perform below mentioned changes
i. Comment whole “http-connector” property tag. This is required so that
Ofbiz does not entertain any direct http request. Every http request should
come via Apache
ii. Comment whole “https-connector” property tag. This is required so that
Ofbiz does not entertain any direct https request. Every https request should
come via Apache
iii. Add ‘packetSize’ property under “ajp-connector” property tag
<property name="ajp-connector" value="connector">
.
.
.
<property name="packetSize" value="20000"/>
.
.
</property>
iv. Modify two properties ‘default-host’ and ‘jvm-route’ present within
<container> tag to values as shown below
<container name="catalina-container"
class="org.ofbiz.catalina.container.CatalinaContainer">
.
.
.
<property name="default-host" value="localhost"/>
<property name="jvm-route" value="APP01"/>
.
.
</container>
v. Changes in Ofbiz are over. Now restart the Ofbiz server
Time to test the changes …
a. First open http://localhost/ecommerce URL on browser. You should get
home page. This certify that Ofbiz has started picking up http browser request
through Apache.
b. Now check HTTPS page. So click on “Sign in” link in header. Sign in
page will be displayed. Check that page URL is https , JSession ID has route id
as APP01 and we have got a certificate error. This proves that Ofbiz has
started picking up https browser request through Apache.
Certificate error is due to self-signed certificate that we have created. Once
we get proper trusted certificate from 3rd party this error will be fixed.
If you view the certificate , you will find that this is newly created
certificate that we have created earlier (in one of the steps in this email).
Click on “Signin” button after enyering valid username and password. We will
get logged in page
c. To access Ofbiz admin console, URL becomes
https://localhost/catalog/control/main
After login, admin console is shown
d. If you hit old Ofbiz URL http://localhost:8080/ecommerce (which have
old port number attached ), Ofbiz ecommerce page will not be opened. This
proves that access to Ofbiz through old port has been removed
Regards,
Hardik Handa
-----Original Message-----
From: Gavin Mabie [mailto:[email protected]]
Sent: Tuesday, May 17, 2011 7:33 PM
To: [email protected]
Subject: Running Ofbiz on Ubuntu with Apache front
Hi
I am battling to get Ofbiz to serve pages to Apache. I looked at the
documentation but am non-the-wiser. The installation on Linux Ubuntu works
fine for serving pages through port:8080. But when I try to get it to work
with port:80, that's when the problems start.
This is my setup:
. Ubuntu 8.x
. Apache2
The documentation
https://cwiki.apache.org/OFBIZ/faq-tips-tricks-cookbook-howto.html#FAQ-Tips-
Tricks-Cookbook-HowTo-HTTPD and the apaches config files are not necessarily
the same. For example http.conf in the Ubuntu version of Apache2 is empty.
Help!
What Apache files do I need to change/adjust to configure the VirtualHost and
SSL. My app is deployed in the hot-deploy component - and I would like m,y
visitors to use www.example.com.
Thanks in advance.
Gavin
::DISCLAIMER::
-----------------------------------------------------------------------------------------------------------------------
The contents of this e-mail and any attachment(s) are confidential and intended
for the named recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates.
Any views or opinions presented in
this email are solely those of the author and may not necessarily reflect the
opinions of HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification,
distribution and / or publication of
this message without the prior written consent of the author of this e-mail is
strictly prohibited. If you have
received this email in error please delete it and notify the sender
immediately. Before opening any mail and
attachments please check them for viruses and defect.
-----------------------------------------------------------------------------------------------------------------------
