littlecowk35 / eic-quan-ly-cong-van

Automatically exported from code.google.com/p/eic-quan-ly-cong-van

Upgrade QLCV to HTTPS #25

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Move application server from /home/qlvb to /var/www/qlvb
Using two existing keys to set up HTTPS

Original issue reported on code.google.com by ntanh...@gmail.com on 13 Jan 2015 at 2:45

GoogleCodeExporter commented 9 years ago
Configure:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="500" scheme="https" secure="true"
               SSLCertificateFile="/var/www/qlvb/key/qlvb.crt"
               SSLCertificateKeyFile="/var/www/qlvb/qlvb.key"
               clientAuth="false" sslProtocol="TLS" />

Error:
Failed to load keystore type JKS with path /home/qlvb/.keystore due to /home/qlvb/.keystore (No such file or directory)

Original comment by ntanh...@gmail.com on 13 Jan 2015 at 3:00

GoogleCodeExporter commented 9 years ago
Enable Tomcat Native Library
Linux

(Tested with standard Tomcat 5.5.17 downloaded from Apache site, running on Ubuntu 7.04 - Feisty Fawn)

    Make sure that you have the libssl-dev and libapr1-dev packages installed
    $ apt-get install libssl-dev libapr1-dev
    Switch to your tomcat's bin directory
    $ cd ${TOMCAT_HOME}/bin
    Extract the tarball (tarred and gzipped archive) of the tomcat native lib
    $ tar -xvzf tomcat-native.tar.gz
    Jump into the source folder
    $ cd tomcat-native-1.1.3/jni/native
    Configure, make and install it
    $ ./configure --with-apr=/usr && make && sudo make install
    Change to the system library folder
    $ cd /usr/lib
    Make a convenience link to your new library
    $ sudo ln -s /usr/local/apr/lib/libtcnative-1.so libtcnative-1.so
    Edit ${TOMCAT_HOME}/bin/catalina.sh adding the following lines somewhere before the java program is executed
    LD_LIBRARY_PATH=/usr/lib:$LD_LIBRARY_PATH
    export LD_LIBRARY_PATH
    Finally, edit /etc/modprobe.d/aliases and change the line
    alias net-pf-10 ipv6
    to
    alias net-pf-10 off ipv6
    and reboot. This disables IPV6 which the library does not support yet (and hence will throw exceptions when trying to bind to TCP ports on network devices having IPV6 enabled).
    Restart tomcat and enjoy!

Original comment by ntanh...@gmail.com on 13 Jan 2015 at 7:57

GoogleCodeExporter commented 9 years ago
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="500" scheme="https" secure="true"
               SSLCertificateFile="/var/www/qlvb/key/qlvb.crt"
               SSLCertificateKeyFile="/var/www/qlvb/qlvb.key"
               clientAuth="false" sslProtocol="TLS" />

Original comment by ntanh...@gmail.com on 13 Jan 2015 at 7:57

GoogleCodeExporter commented 9 years ago
LD_LIBRARY_PATH=/opt/liferay-qlcv/liferay-9080/tomcat-7.0.42//lib:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH

Original comment by ntanh...@gmail.com on 13 Jan 2015 at 7:58

GoogleCodeExporter commented 9 years ago
http://dougbunger.blogspot.com/2011/03/tomcat-native-libraries.html

Original comment by ntanh...@gmail.com on 13 Jan 2015 at 7:58

GoogleCodeExporter commented 9 years ago
1. Extract /var/www/qlvb/qlcv/tomcat-7.0.42/bin/tomcat-native-1.1.27.tar.gz
2. Move to qlvb@app35:/var/www/qlvb/qlcv/tomcat-7.0.42/bin/tomcat-native-1.1.27-src/jni/native
3. Run
qlvb@app35:/var/www/qlvb/qlcv/tomcat-7.0.42/bin/tomcat-native-1.1.27-src/jni/native$ ./configure --with-apr=/usr --with-java-home=/usr/lib/jvm/java-1.7.0-openjdk-amd64 --prefix=/var/www/qlvb/qlcv/tomcat-7.0.42
4. Run make; make install
Libraries have been installed in:
   /var/www/qlvb/qlcv/tomcat-7.0.42/lib
5. Configure HTTPS
Edit file tomcat-7.0.42/bin/catalina.sh. Add the following lines:
LD_LIBRARY_PATH=/var/www/qlvb/qlcv/tomcat-7.0.42/lib:$LD_LIBRARY_PATH
export LD_LIBRARY_PATH

Edit file tomcat-7.0.42/conf/server.xml
 <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="500" scheme="https" secure="true"
               SSLCertificateFile="/var/www/qlvb/key/qlvb.crt"
               SSLCertificateKeyFile="/var/www/qlvb/qlvb.key"
               clientAuth="false" sslProtocol="TLS" />

Original comment by ntanh...@gmail.com on 13 Jan 2015 at 10:08

GoogleCodeExporter commented 9 years ago
Fix
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="500" scheme="https" secure="true"
               SSLCertificateFile="/var/www/qlvb/key/qlvb.crt"
               SSLCertificateKeyFile="/var/www/qlvb/key/qlvb.key"
               clientAuth="false" sslProtocol="TLS" />

Original comment by ntanh...@gmail.com on 13 Jan 2015 at 10:52
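
An added example (not from the original thread or the project's code): a pre-flight check that reads the APR-style `SSLCertificateFile` and `SSLCertificateKeyFile` paths from `server.xml`, as used in the connectors above, and reports a path that does not exist (the mistake the final comment corrects) or a private key accessible to group or other users. The `SAMPLE` document, the function name `check_connectors` and the script name in the usage comment are assumptions made for illustration.

```python
import os
import stat
import sys
import xml.etree.ElementTree as ET

# Constructed sample: the pre-fix connector from the thread, wrapped in a
# minimal Server/Service so it parses as a document.
SAMPLE = """<Server><Service name="Catalina">
  <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
             maxThreads="500" scheme="https" secure="true"
             SSLCertificateFile="/var/www/qlvb/key/qlvb.crt"
             SSLCertificateKeyFile="/var/www/qlvb/qlvb.key"
             clientAuth="false" sslProtocol="TLS" />
</Service></Server>"""

def check_connectors(server_xml_text):
    """Return (port, attribute, problem) tuples for each SSLEnabled connector."""
    findings = []
    for conn in ET.fromstring(server_xml_text).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP or AJP connector, nothing to check
        port = conn.get("port", "?")
        for attr in ("SSLCertificateFile", "SSLCertificateKeyFile"):
            path = conn.get(attr)
            if path is None:
                findings.append((port, attr, "not set"))
            elif not os.path.isfile(path):
                findings.append((port, attr, "missing file: " + path))
            elif attr == "SSLCertificateKeyFile":
                # The private key should be accessible to the Tomcat user only.
                mode = stat.S_IMODE(os.stat(path).st_mode)
                if mode & (stat.S_IRWXG | stat.S_IRWXO):
                    findings.append((port, attr, "group/other access, mode %o" % mode))
    return findings

if __name__ == "__main__":
    # Usage (hypothetical script name): python check_tls_paths.py conf/server.xml
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            text = fh.read()
    else:
        text = SAMPLE
    problems = check_connectors(text)
    for port, attr, problem in problems:
        print("connector %s: %s: %s" % (port, attr, problem))
    sys.exit(1 if problems else 0)
```

Run it as the user that starts Tomcat, before restarting, so a wrong path is reported here rather than as a connector start-up failure.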