NOTE - should be run using sudo/root privileges.
before you install httpd as an OS service - confirm if it is already installed in your server by running any command as below
$ systemctl status httpd or rpm -qi httpd
if the system is unable to find the service, proceed to the next stepSTEP 2 - Install httpd
$ yum install httpd
this will install the latest package available from the server repository - at the time of writing this article 2.4.37 is the latest offering by Oracle in OL8.xupon successful installation, you should able to see the httpd package available now.
STEP 3 - verify package post-installation
$ systemctl status httpd
the above confirms the package is installed now, however at default the service is inctive and disabledSTEP 4 - Start the service
$ systemctl start httpd
$ systemctl status httpd
this shows apache is up and running now, check the process by running the regular ps command$ ps -ef | grep httpd
the conf file of this package can be found under - /etc/httpd/confverify the newly installed apache by running the following commands
$ httpd -v
$ rpm -qi httpd
Additionally, you can set this apache instance as an auto boot-up service post VM reboot by running the following command -$ sudo chkconfig httpd on
How to configure 2nd Instance of Apache in the same server
$ cp -fr /etc/httpd /etc/httpd1
Modify the httpd directives which may be a conflict if running multiple instances at the same time in file "/etc/httpd1/conf/httpd.conf"ServerRoot Listen PidFile ErrorLog CustomLog For example, we changed as following in "/etc/httpd1/conf/httpd.conf" for 2nd Instance ServerRoot /etc/httpd1 Listen 8080 PidFile run/httpd1.pid ErrorLog logs/httpd1_error_log CustomLog logs/httpd1_access_log combinedStart Apaches
$ httpd -f /etc/httpd1/conf/httpd1.conf -k start $ httpd -f /etc/httpd/conf/httpd1.conf -k start
How to configure SSL module
install the mod_ssl module by running the following command -
$ yum -y install mod_sslit will install the required module and place it under
/usr/lib64/httpd/modules/mod_ssl.soload this module in /etc/httpd/conf/httpd.conf as -
LoadModule ssl_module modules/mod_ssl.soconfiguration requires certificates and start the httpd service as usual
How to install a Signed Certificate into Apache Instance
Generate CSR, that will generate server.key & server.csr
$ openssl req -new -newkey rsa:4096 -nodes -keyout server.key -out server.csr
Get CSR signed by an authorized CA$ vi /etc/httpd/conf.d/ssl.conf #SSLCertificateFile /etc/pki/tls/certs/localhost.crt SSLCertificateFile "/etc/httpd/ssl/server.crt" #SSLCertificateKeyFile /etc/pki/tls/private/localhost.key SSLCertificatekeyFile "/etc/httpd/ssl/server.key"restart your httpd service
You should be able to access index.html on HTTPS now.
In case of a self-signed certificate
Configure the SSL module as mentioned above and add port 443 in the following lines in /etc/httpd/conf/httpd.conf and restart the Apache.
Listen 80
Listen 443
ServerName 10.20.30.40:80
ServerName 10.20.30.40:443
Please note that with the self-signed certificate, you will get a warning while testing on https://$hostname:443/ because self-signed certificate is the problem, the browser could not trust the server due to its certificate signed by itself but not by a trusted certificate authority (CA).
Known Issue -
After enabling mod_wl_24.so for the WebLogic proxy you might see the following issue while starting the httpd service -
cannot load modules/mod_wl_24.so into server: libdms2.so: cannot open shared object file:
How to fix -
$ vi /usr/lib/systemd/system/httpd.service
Under [Service] add the following line -
LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/usr/lib64
Reload system daemon
$ systemctl daemon-reload
Now copy only the missing modules or libs from /usr/lib64/httpd/modules/ to /usr/lib64/
Ex -
cp -rp /usr/lib64/httpd/modules/libonssys.so /usr/lib64/
cp -rp /usr/lib64/httpd/modules/libonsssl.so /usr/lib64/
cp -rp /usr/lib64/httpd/modules/libdms2.so /usr/lib64/
$ systemctl start httpd
No comments:
Post a Comment