Note: Next revision cycle, start building everything into
$HOME/[app]-[version#] and creating a symlink to $HOME/[app] so that there is
no question about what the current, in use, directory is.
Note: When downloading software to install in these instructions, always
download the source code, and avoid binary installers. Binary installers tend
to make inaccurate assumptions about what libraries you have installed on your
system, as well as other problems.
...
Please be aware, the organization (O) is:
Massachusetts Institute of Technology
and the common name (CN) is the name of the server or
service, including the domain name (.mit.edu). Also, some servers, such
as Thalia servers, can represent an entire subdomain. These servers
will need certificates issued with a wildcard in the domain name, such
as *.isda-thalia-1.mit.edu.
Remember, if the server is a Thalia server, it will need a wildcard
certificate and DNS record for *.[hostname], and if it is doing any type of
authentication, it will need a joint client/server certificate to be able
to connect to the Shibboleth server (and have end users connect to it as
well).
2db. To generate a self-signed temporary certificate, add the -x509 and
-nodes options to the openssl command line.
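
The self-signed temporary certificate from the step above, as an added shell example (not the original page's own command): it runs `openssl req` with `-x509` and `-nodes`, sets the O and a wildcard CN as described earlier, and checks the result. The host name `temp-host.example`, the 30-day lifetime, the RSA key size and the file names are assumptions.

```shell
#!/bin/sh
# Added example. Host name, lifetime, key size and file names are assumptions.

# Create a throwaway key and self-signed wildcard certificate for HOST in OUTDIR.
#   -x509   emit a self-signed certificate instead of a signing request
#   -nodes  leave the private key unencrypted (no passphrase prompt at startup)
make_temp_cert() {
    host="$1"; outdir="$2"
    (
        umask 077   # the key is unencrypted, so keep it readable by the owner only
        openssl req -new -newkey rsa:2048 -x509 -nodes -days 30 \
            -subj "/O=Massachusetts Institute of Technology/CN=*.${host}" \
            -keyout "${outdir}/temp-key.pem" \
            -out "${outdir}/temp-cert.pem" 2>/dev/null
    )
}

# Print the certificate subject in RFC 2253 form.
cert_subject() {
    openssl x509 -in "$1" -noout -subject -nameopt RFC2253
}

# Succeed when subject and issuer are identical, as in a self-signed certificate.
cert_is_self_issued() {
    subj=$(openssl x509 -in "$1" -noout -subject -nameopt RFC2253 | sed 's/^subject= *//')
    issr=$(openssl x509 -in "$1" -noout -issuer -nameopt RFC2253 | sed 's/^issuer= *//')
    [ -n "$subj" ] && [ "$subj" = "$issr" ]
}

# Succeed when the PEM key file carries no encryption header.
key_is_unencrypted() {
    [ -s "$1" ] && ! grep -q 'ENCRYPTED' "$1"
}

# Constructed demo run in a scratch directory that is removed afterwards.
demo_dir=$(mktemp -d)
if make_temp_cert temp-host.example "$demo_dir"; then
    cert_subject "$demo_dir/temp-cert.pem"
    cert_is_self_issued "$demo_dir/temp-cert.pem" && echo "self-signed: replace before production"
fi
rm -rf "$demo_dir"
```

Because `-nodes` writes the key without a passphrase, file permissions are the only protection on it; the certificate itself is for temporary use until the issued one is installed.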
...
```
# points to directory for static html files
DocumentRoot "/home/apache-tomcat-5.5.25/webapps/htdocs"
# the servername of the server
ServerName isda-ws2.mit.edu:443
# the admins of this server
ServerAdmin dracus@mit.edu,dongq@mit.edu,dtanner@mit.edu
# error log file
ErrorLog /home/apache/logs/error_log
# access log file
TransferLog /home/apache/logs/access_log
# public server certificate
SSLCertificateFile /usr/local/ssl/certs/isda-ws2.pem
# private key for the server certificate
SSLCertificateKeyFile /usr/local/ssl/private/https-key.pem
# certificate path
SSLCACertificatePath /usr/local/ssl/certs
# certificate authority certificate used to verify client certificates
SSLCACertificateFile /usr/local/ssl/certs/mitCA.pem
# require a client certificate, accepting chains up to 10 levels deep
SSLVerifyClient require
SSLVerifyDepth 10
```
...
```
JkMount / ajp13
JkMount /* ajp13
JkMount /manager ajp13
JkMount /manager/* ajp13
JkMount /uaws ajp13
JkMount /uaws/* ajp13
JkMount /webdav ajp13
JkMount /webdav/* ajp13
JkMount /geows ajp13
JkMount /geows/* ajp13
JkMount /servlets-examples ajp13
JkMount /servlets-examples/* ajp13
JkMount /tomcat-docs ajp13
JkMount /tomcat-docs/* ajp13
JkMount /host-manager ajp13
JkMount /host-manager/* ajp13
JkMount /jsp-examples ajp13
JkMount /jsp-examples/* ajp13
JkMount /balancer ajp13
JkMount /balancer/* ajp13
JkMount /mitidws ajp13
JkMount /mitidws/* ajp13
```
9. To pass environment variables from Apache to Tomcat, add the following to
the end of httpd.conf. Note that the names of those environment variables might
change between different Apache versions. Apache comes with a CGI script in
cgi-bin/printenv. Run this script in your HTTPS-enabled browser to verify
that these variables still hold.
...
```
/etc/init.d/web stop
```