Corporate		Documentation		Products		Login

Overview

Tour

Information

Demos

Pricing

Support

Platform

Download

Install

Configure SSL Apache

Configuration of SSL Apache Server

4 of 10

The SSL Apache Server will receive all client HTTP requests on port 80. All requests for static documents and files will be served directly, while requests for dynamic DataBreeze content will be passed to the ModPerl Apache Server via ports 8000 and 8001 (SSL).

In this example the SSL Server has been compiled and installed into the /opt/apache-ssl directory as documented in the Apache SSL Server Installation.

Create the SSL Apache Configuration file
From the command line make a copy of the httpd.conf file included with the SSL Apache distribution and move it to the /opt/conf/ directory, renaming it 'httpd.conf.ssl'.

# cp /opt/apache-ssl/conf/httpd.conf /opt/conf/httpd.conf.ssl

Configuration of the SSL Apache httpd.conf.ssl file
Open the httpd.conf.ssl Apache Configuration file for editing and make the following chages:
Configure Apache User and Group
Change the Apache User and Group settings to 'www' (or whatever you desire, just substitute your user/group for www/www)

User www
Group www

DataBreeze Image Alias
An Apache Alias configuration directive must be created so that the SSL Apache Server can locate and serve the DataBreeze icons and images. Place the Alias directive in the Alias Module Section <IfModule mod_alias.c>.

Alias /dbz_img/ "/opt/www/dbz_img/"

Configuration for Non-SSL ProxyPass
The SSL Apache Server has been compiled with support for ModProxy and ModRewrite modules. This example shows how to use these modules to:
process static requests locally [L] on this SSL Server
pass dynamic DataBreeze requests [P] over port 8000 to the Apache ModPerl Server.

Place the following configuration within the Proxy Server Section <IfModule mod_proxy.c> for global effect
or
use the following within the <VirtualHost> Directive to control only one domain.

RewriteEngine on
RewriteRule \.html$ - [L] ## all html stays local
RewriteRule \.txt - [L] ## text files local
RewriteRule ^/dbz_img/ - [L] ## DataBreeze images local
## everything else is considered a dynamic databreeze request
## request for directory alone - add the DataBreeze script name 'dbz'
RewriteRule ^/(.*)/ http://localhost:8000/$1/dbz [P]
## proxypass everything else as is
RewriteRule ^/(.*) http://localhost:8000/$1 [P]
ProxyPassReverse / http://localhost:8000/
ProxyReceiveBufferSize 65535

Configuration for SSL ProxyPass
The SSL Apache Server must also be configured to handle DataBreeze SSL requests. The main difference in this example from above is that the DataBreeze dynamic requests are passed to port 8001.
This configuration is placed within the <IfDefine SSL> directive and the <SSL VirtualHost _default_:443> directive.

ServerName localhost
RewriteEngine on
RewriteRule ^/dbz_img/ - [L] ## databreeze images local
## proxypass everything else
RewriteRule ^/$ http://localhost:8001/dbz [P]
RewriteRule ^/(.*)/$ http://localhost:8001/$1/dbz [P]
RewriteRule ^/(.*) http://localhost:8001/$1 [P]
ProxyPassReverse / http://localhost:8001/
ProxyReceiveBufferSize 65535

SSL Certificate Configuration
In order to utilize SSL functionality, you must have or create a certificate. You may create your own private one, or pay a Certificate Authority for a public version. The excellent documentation at modssl.org outlines the steps necessary.
In this example, the certificate and key are placed within the SSL VirtualHost <SSL VirtualHost _default_:443> configuration.

SSLCertificateFile /opt/conf/ssl/server.crt
SSLCertificateKeyFile /opt/conf/ssl/server.key

Additional Configuration:
As general suggestions, the Directives for MinSpareServers, MaxSpareServers, StartServers and MaxClients should be relatively high, the defaults provided are acceptable.
The default setting of KeepAlive On is OK.