This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Use the following steps to configure Apache Httpd as the load balancer for WSO2 products.

  1. Install Apache Httpd using the following command.
    $sudo apt-get install apache2
  2. Enable the following required modules.
    $sudo a2enmod proxy_http
    $sudo a2enmod ssl
    $sudo a2enmod proxy_balancer

  3. Configure to direct the HTTP requests to the worker nodes with load balancing as http://xxx.xxx.xxx.xx3/<service> via HTTP 80 port.
    $sudo vi /etc/apache2/site-available/wso2.as.com.conf

    <VirtualHost xxx.xxx.xxx.xx3:80>
	ServerName as.wso2.com

	# disable forward proxy requests
	ProxyRequests off

	<Proxy balancer://wso2.as.com>
		# Add a member to the load balancing group
		BalancerMember http://as.wso2.com:9765
		BalancerMember http://as.wso2.com:9766
		ProxySet lbmethod=byrequests
	</Proxy>

	ProxyPass / balancer://wso2.as.com/
	ProxyPassReverse / balancer://wso2.as.com/
</VirtualHost>

  4. Configure to direct the HTTPS requests to the worker nodes with load balancing as https://xxx.xxx.xxx.xx3/<service> via HTTPS 443 port.
    $sudo vi /etc/apache2/site-available/wso2.as.com.conf

    <VirtualHost xxx.xxx.xxx.xx3:443>
	ServerName as.wso2.com
	ProxyRequests off


	# creating debug logs
	LogLevel debug


	<Proxy balancer://ssl.wso2.as.com>
		BalancerMember https://as.wso2.com:9445
		BalancerMember https://as.wso2.com:9446
		ProxySet lbmethod=byrequests
	</Proxy>


	ProxyPass / balancer://ssl.wso2.as.com/
	ProxyPassReverse / balancer://ssl.wso2.as.com/


	# enable SSL/TLS for a that virtual host
	SSLEngine On
	SSLCertificateFile /etc/apache2/ssl/wrk.crt
	SSLCertificateKeyFile /etc/apache2/ssl/wrk.key


	# enable SSL/TLS for proxy usage in a particular virtual host
	SSLProxyEngine On
</VirtualHost>

  5. Configure Apache Httpd to access the management console asĀ https://xxx.xxx.xxx.xx2/carbon via HTTPS 443 port.

    <VirtualHost xxx.xxx.xxx.xx2:443>

ServerName mgt.as.wso2.com
ProxyRequests off
LogLevel debug
ProxyPass /carbon https://xxx.xxx.xxx.xx2:9443/carbon/
ProxyPassReverse /carbon https://xxx.xxx.xxx.xx2:9443/carbon/
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/mgt.crt
SSLCertificateKeyFile /etc/apache2/ssl/mgt.key
SSLProxyEngine On
</VirtualHost>
  6. Enable virtual host configurations.
    $sudo a2ensite wso2.as.com.conf
  7. Restart Apache Httpd.
    $sudo /etc/init.d/apache2 restart

Creating self-signed certificate for Apache httpd

  1. Generate private key.
    $sudo openssl genrsa -out ca.key 1024
  2. Generate a Certificate Signing Request (CSR).
    $sudo openssl req -new -key ca.key -out ca.csr
  3. Generate a self-signed key
    $sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

While creating the keys, enter the host name (as.wso2.com or mgt.as.wso2.com) as the Common Name.

Creating self-signed keystores

  1. Create a new keystore with a private and public key pair.
    $keytool -genkey -keyalg RSA -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon -validity 360 -keysize 2048
  2. Export the public certificate.
    $keytool -export -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon -file wso2carbon.pem
  3. Import public certificate into client-truststore.jks.
    $keytool -import -alias wso2carbon -file wso2carbon.pem -keystore client-truststore.jks -storepass wso2carbon

While creating keys, enter the host name (as.wso2.com or mgt.as.wso2.com) as the Common Name.

  • No labels