This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Use the following steps to configure Apache Httpd as the load balancer for WSO2 products.

  1. Install Apache Httpd using the following command.
    $sudo apt-get install apache2
  2. Enable the following required modules.
    $sudo a2enmod proxy_http
    $sudo a2enmod ssl
    $sudo a2enmod proxy_balancer
  3. Configure to direct the HTTP requests to the worker nodes with load balancing as http://as.wso2.com/<service> via HTTP 80 port.
    $sudo vi /etc/apache2/site-available/wso2.as.com.conf

    <VirtualHost as.wso2.com:80>
    	ServerName as.wso2.com
    
    
    	# disable forward proxy requests
    	ProxyRequests off
    
    
    	<Proxy balancer://wso2.as.com>
    		# Add a member to the load balancing group
    		BalancerMember http://as.wso2.com:9765
    		BalancerMember http://as.wso2.com:9766
    		ProxySet lbmethod=byrequests
    	</Proxy>
    
    
    	ProxyPass / balancer://wso2.as.com/
    	ProxyPassReverse / balancer://wso2.as.com/
    </VirtualHost>
  4. Configure to direct the HTTPS requests to the worker nodes with load balancing as https://as.wso2.com/<service> via HTTPS 443 port.
    $sudo vi /etc/apache2/site-available/wso2.as.com.conf

    <VirtualHost as.wso2.com:443>
    	ServerName as.wso2.com
    	ProxyRequests off
    
    
    	# creating debug logs
    	LogLevel debug
    
    
    	<Proxy balancer://ssl.wso2.as.com>
    		BalancerMember https://as.wso2.com:9445
    		BalancerMember https://as.wso2.com:9446
    		ProxySet lbmethod=byrequests
    	</Proxy>
    
    
    	ProxyPass / balancer://ssl.wso2.as.com/
    	ProxyPassReverse / balancer://ssl.wso2.as.com/
    
    
    	# enable SSL/TLS for a that virtual host
    	SSLEngine On
    	SSLCertificateFile /etc/apache2/ssl/wrk.crt
    	SSLCertificateKeyFile /etc/apache2/ssl/wrk.key
    
    
    	# enable SSL/TLS for proxy usage in a particular virtual host
    	SSLProxyEngine On
    </VirtualHost>
  5. Configure Apache Httpd to access the management console asĀ https://mgt.as.wso2.com/carbon via HTTPS 443 port.

    <VirtualHost mgt.as.wso2.com:443>
    
    ServerName mgt.as.wso2.com
    ProxyRequests off
    LogLevel debug
    ProxyPass /carbon https://mgt.as.wso2.com:9444/carbon/
    ProxyPassReverse /carbon https://mgt.as.wso2.com:9444/carbon/
    SSLEngine On
    SSLCertificateFile /etc/apache2/ssl/mgt.crt
    SSLCertificateKeyFile /etc/apache2/ssl/mgt.key
    SSLProxyEngine On
    </VirtualHost>
  6. Enable virtual host configurations.
    $sudo a2ensite wso2.as.com.conf
  7. Restart Apache Httpd.
    $sudo /etc/init.d/apache2 restart

Creating self-signed certificate for Apache httpd

  1. Generate private key.
    $sudo openssl genrsa -out ca.key 1024
  2. Generate a Certificate Signing Request (CSR).
    $sudo openssl req -new -key ca.key -out ca.csr
  3. Generate a self-signed key
    $sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

While creating the keys, enter the host name (as.wso2.com or mgt.as.wso2.com) as the Common Name.

Creating self-signed keystores

  1. Create a new keystore with a private and public key pair.
    $keytool -genkey -keyalg RSA -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon -validity 360 -keysize 2048
  2. Export the public certificate.
    $keytool -export -alias wso2carbon -keystore wso2carbon.jks -storepass wso2carbon -file wso2carbon.pem
  3. Import public certificate into client-truststore.jks.
    $keytool -import -alias wso2carbon -file wso2carbon.pem -keystore client-truststore.jks -storepass wso2carbon

While creating keys, enter the host name (as.wso2.com or mgt.as.wso2.com) as the Common Name.

  • No labels