This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Configuring Apache Httpd
Use the steps in the following topics to configure Apache Httpd as the load balancer for WSO2 products.
Configuring Apache Httpd
- Install Apache Httpd using the following command.
$sudo apt-get install apache2
- Enable the following required modules.
$sudo a2enmod proxy_http
$sudo a2enmod ssl
$sudo a2enmod proxy_balancer
Configure Apache Httpd to direct the HTTP requests to the worker nodes with load balancing as
http://as.wso2.com/<service>
via HTTP 80 port.$sudo vi /etc/apache2/sites-available/wso2.as.com.conf
<VirtualHost as.wso2.com:80> ServerName as.wso2.com # disable forward proxy requests ProxyRequests off <Proxy balancer://wso2.as.com> # Add a member to the load balancing group BalancerMember http://xxx.xxx.xxx.xx3:9763 BalancerMember http://xxx.xxx.xxx.xx4:9763 ProxySet lbmethod=byrequests </Proxy> ProxyPass / balancer://wso2.as.com/ ProxyPassReverse / balancer://wso2.as.com/ </VirtualHost>
Configure Apache Httpd to direct the HTTPS requests to the worker nodes with load balancing as
https://as.wso2.com/<service>
via HTTPS 443 port.$sudo vi /etc/apache2/sites-available/wso2.as.com.conf
<VirtualHost as.wso2.com:443> ServerName as.wso2.com ProxyRequests off # creating debug logs LogLevel debug <Proxy balancer://ssl.wso2.as.com> BalancerMember https://xxx.xxx.xxx.xx3:9443 BalancerMember https://xxx.xxx.xxx.xx4:9443 ProxySet lbmethod=byrequests </Proxy> ProxyPass / balancer://ssl.wso2.as.com/ ProxyPassReverse / balancer://ssl.wso2.as.com/ # enable SSL/TLS for a that virtual host SSLEngine On SSLCertificateFile /etc/apache2/ssl/wrk.crt SSLCertificateKeyFile /etc/apache2/ssl/wrk.key # enable SSL/TLS for proxy usage in a particular virtual host SSLProxyEngine On </VirtualHost>
Configure Apache Httpd to access the management console as https://mgt.as.wso2.com/carbon via HTTPS 443 port.
<VirtualHost mgt.as.wso2.com:443> ServerName mgt.as.wso2.com ProxyRequests off LogLevel debug ProxyPass /carbon https://xxx.xxx.xxx.xx2:9443/carbon/ ProxyPassReverse /carbon/ https://xxx.xxx.xxx.xx2:9443/carbon/ SSLEngine On SSLCertificateFile /etc/apache2/ssl/mgt.crt SSLCertificateKeyFile /etc/apache2/ssl/mgt.key SSLProxyEngine On </VirtualHost>
Creating self-signed certificate for Apache httpd
- Generate private key.
$sudo openssl genrsa -out ca.key 1024
- Generate a Certificate Signing Request (CSR).
$sudo openssl req -new -key ca.key -out ca.csr
- Generate a self-signed key
$sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
While creating the keys, enter the host name (as.wso2.com or mgt.as.wso2.com) as the Common Name.
Creating self-signed keystores
- Create a new keystore with a private and public key pair.
$keytool -genkey -keyalg RSA -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon -validity 360 -keysize 2048
- Export the public certificate.
$keytool -export -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon -file wso2carbon.pem
- Import public certificate into client-truststore.jks.
$keytool -import -alias wso2carbon -file wso2carbon.pem -keystore client-truststore.jks -storepass wso2carbon
While creating keys, enter the host name (as.wso2.com or mgt.as.wso2.com) as the Common Name.
Restarting Apache Httpd
- Enable virtual host configurations.
$sudo a2ensite wso2.as.com.conf
- Restart Apache Httpd.
$sudo /etc/init.d/apache2 restart