This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Configuring Apache Httpd

Owned by Former user (Deleted)
Last updated: Mar 07, 2016
2 min read

Use the steps in the following topics to configure Apache Httpd as the load balancer for WSO2 products.

Configuring Apache Httpd

  1. Install Apache Httpd using the following command.
    $sudo apt-get install apache2
  2. Enable the following required modules.
    $sudo a2enmod proxy_http
    $sudo a2enmod ssl
    $sudo a2enmod proxy_balancer

  3. Configure Apache Httpd to direct the HTTP requests to the worker nodes with load balancing as http://as.wso2.com/<service> via HTTP 80 port.
    $sudo vi /etc/apache2/sites-available/wso2.as.com.conf

    <VirtualHost as.wso2.com:80>
	ServerName as.wso2.com

	# disable forward proxy requests
	ProxyRequests off

	<Proxy balancer://wso2.as.com>
		# Add a member to the load balancing group
		BalancerMember http://xxx.xxx.xxx.xx3:9763
		BalancerMember http://xxx.xxx.xxx.xx4:9763
		ProxySet lbmethod=byrequests
	</Proxy>

	ProxyPass / balancer://wso2.as.com/
	ProxyPassReverse / balancer://wso2.as.com/
</VirtualHost>

  4. Configure Apache Httpd to direct the HTTPS requests to the worker nodes with load balancing as https://as.wso2.com/<service> via HTTPS 443 port.
    $sudo vi /etc/apache2/sites-available/wso2.as.com.conf

    <VirtualHost as.wso2.com:443>
	ServerName as.wso2.com
	ProxyRequests off

	# creating debug logs
	LogLevel debug

	<Proxy balancer://ssl.wso2.as.com>
		BalancerMember https://xxx.xxx.xxx.xx3:9443
		BalancerMember https://xxx.xxx.xxx.xx4:9443
		ProxySet lbmethod=byrequests
	</Proxy>

	ProxyPass / balancer://ssl.wso2.as.com/
	ProxyPassReverse / balancer://ssl.wso2.as.com/

	# enable SSL/TLS for a that virtual host
	SSLEngine On
	SSLCertificateFile /etc/apache2/ssl/wrk.crt
	SSLCertificateKeyFile /etc/apache2/ssl/wrk.key

	# enable SSL/TLS for proxy usage in a particular virtual host
	SSLProxyEngine On
</VirtualHost>

  5. Configure Apache Httpd to access the management console as https://mgt.as.wso2.com/carbon via HTTPS 443 port.

    <VirtualHost mgt.as.wso2.com:443>

ServerName mgt.as.wso2.com
ProxyRequests off
LogLevel debug
ProxyPass /carbon https://xxx.xxx.xxx.xx2:9443/carbon/
ProxyPassReverse /carbon/ https://xxx.xxx.xxx.xx2:9443/carbon/
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/mgt.crt
SSLCertificateKeyFile /etc/apache2/ssl/mgt.key
SSLProxyEngine On
</VirtualHost>

Creating self-signed certificate for Apache httpd

  1. Generate private key.
    $sudo openssl genrsa -out ca.key 1024
  2. Generate a Certificate Signing Request (CSR).
    $sudo openssl req -new -key ca.key -out ca.csr
  3. Generate a self-signed key
    $sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

While creating the keys, enter the host name (as.wso2.com or mgt.as.wso2.com) as the Common Name.

Creating self-signed keystores

  1. Create a new keystore with a private and public key pair.
    $keytool -genkey -keyalg RSA -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon -validity 360 -keysize 2048
  2. Export the public certificate.
    $keytool -export -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon -file wso2carbon.pem
  3. Import public certificate into client-truststore.jks.
    $keytool -import -alias wso2carbon -file wso2carbon.pem -keystore client-truststore.jks -storepass wso2carbon

While creating keys, enter the host name (as.wso2.com or mgt.as.wso2.com) as the Common Name.

Restarting Apache Httpd

  1. Enable virtual host configurations.
    $sudo a2ensite wso2.as.com.conf
  2. Restart Apache Httpd.
    $sudo /etc/init.d/apache2 restart