This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

  1. Install Apache Httpd using the following command.
    $sudo apt-get install apache2
  2. Enable the following required modules.
    $sudo a2enmod proxy_http
    $sudo a2enmod ssl
    $sudo a2enmod proxy_balancer

  3. Configure to direct the HTTP requests to the worker nodes with load balancing as http://as.wso2.com/<service> via HTTP 80 port.
    $sudo vi /etc/apache2/site-available/wso2.as.com.conf

    <VirtualHost as.wso2.com:80>
	ServerName as.wso2.com


	# disable forward proxy requests
	ProxyRequests off


	<Proxy balancer://wso2.as.com>
		# Add a member to the load balancing group
		BalancerMember http://as.wso2.com:9765
		BalancerMember http://as.wso2.com:9766
		ProxySet lbmethod=byrequests
	</Proxy>


	ProxyPass / balancer://wso2.as.com/
	ProxyPassReverse / balancer://wso2.as.com/
</VirtualHost>
  4. Configure to direct the HTTPS requests to the worker nodes with load balancing as https://as.wso2.com/<service> via HTTPS 443 port.
    $sudo vi /etc/apache2/site-available/wso2.as.com.conf

     

    <VirtualHost as.wso2.com:443>
	ServerName as.wso2.com
	ProxyRequests off


	# creating debug logs
	LogLevel debug


	<Proxy balancer://ssl.wso2.as.com>
		BalancerMember https://as.wso2.com:9445
		BalancerMember https://as.wso2.com:9446
		ProxySet lbmethod=byrequests
	</Proxy>


	ProxyPass / balancer://ssl.wso2.as.com/
	ProxyPassReverse / balancer://ssl.wso2.as.com/


	# enable SSL/TLS for a that virtual host
	SSLEngine On
	SSLCertificateFile /etc/apache2/ssl/wrk.crt
	SSLCertificateKeyFile /etc/apache2/ssl/wrk.key


	# enable SSL/TLS for proxy usage in a particular virtual host
	SSLProxyEngine On
</VirtualHost>

  5. Configure Apache Httpd to access the management console as https://mgt.as.wso2.com/carbon via HTTPS 443 port.

    <VirtualHost mgt.as.wso2.com:443>

ServerName mgt.as.wso2.com
ProxyRequests off
LogLevel debug
ProxyPass /carbon https://mgt.as.wso2.com:9444/carbon/
ProxyPassReverse /carbon https://mgt.as.wso2.com:9444/carbon/
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/mgt.crt
SSLCertificateKeyFile /etc/apache2/ssl/mgt.key
SSLProxyEngine On
</VirtualHost>
  6. Enable virtual host configurations.
    $sudo a2ensite wso2.as.com.conf
  7. Restart Apache Httpd.
    $sudo /etc/init.d/apache2 restart

Creating self-signed certificate for Apache httpd

  1. Generate private key.
    $sudo openssl genrsa -out ca.key 1024
  2. Generate a Certificate Signing Request (CSR).
    $sudo openssl req -new -key ca.key -out ca.csr
  3. Generate a self-signed key
    $sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

While creating the keys, enter the host name (as.wso2.com or mgt.as.wso2.com) as the Common Name.

Creating self-signed keystores

  1. Create a new keystore with a private and public key pair.
    $keytool -genkey -keyalg RSA -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon -validity 360 -keysize 2048
  2. Export the public certificate.
    $keytool -export -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon -file wso2carbon.pem
  3. Import public certificate into client-truststore.jks.
    $keytool -import -alias wso2carbon -file wso2carbon.pem -keystore client-truststore.jks -storepass wso2carbon

While creating keys, enter the host name (as.wso2.com or mgt.as.wso2.com) as the Common Name.

What is your first and last name?
[Unknown]: mgt.as.wso2.com
…….
Is CN=mgt.as.wso2.com, OU=Eng, O=Wso2, L=Colombo, ST=Colombo, C=SL correct?
[no]: yes

  • No labels