AJP redirect and SSL install document

Configuring the server on the cloud instance to work:
- On the cloud instance,   APACHE_HOME is in /opt/bitnami/apache2 OFBIZ_HOME is /opt/OFBiz/   - Once having logged on to the server on the cloud @ cms.ttsiglobal.com, used the "sudo -i"  command to get root permissions RECOMMENDATION: create a backup of each file that is being touched.

Apache Web server and OFBiz AJP Configuration:
To allow the Apache web server to proxy requests to the servlet container via TCP connections,  we need to enable AJP (Apache JServ Protocol) 1.3. By default, the Tomcat container  (embedded in OFBiz) listens on port 8009 for this connector. In addition, to support SSL, we  need the following mods (these come prepackaged with Apache Webserver 2.0)    In the <APACHE_HOME>/conf/httpd.conf file, make sure the following modules are enabled  by removing the #(comment) sign:  
LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_ajp_module modules/mod_proxy_ajp.so LoadModule ssl_module modules/mod_ssl.so

NOTE: To see which port is being used by what application, used the "lsof - i:PORT" command to find out which port is being used and for what.
Keeping the httpd.conf file changes to a minimum, towards the bottom of the httpd.conf file,  uncomment  #include conf/extra/httpd-vhosts.conf In the httpd-vhosts.conf file, add the following above the NameVirtualHost *:80 directive:   
ProxyRequests Off <Proxy *> AddDefaultCharset off Order deny,allow Allow from all </Proxy>     ProxyVia On

Also, inside the :80 VirtualHost directive, 

1>:8009/ - Open the <OFBiz_HOME>/framework/base/config/ofbiz-containers. Inc.http = 80 port.0.conf In the httpd-vhosts.0.ttsiglobal.com and put it in the apache/conf folder by doing the following:      - openssl req -new -x509 -nodes -config /opt/bitnami/common/openssl/openssl.   Getting secure pages to work in Apache OFBiz In the <OFBIZ_HOME>/framework/webapp/config folder.0. open the url. Disable this  section. Inc.conf file      - If port 8080 and 8443 are being firewalled. make sure that the property named port for  the AJP Connector is configured to the same port that's specified in the ProxyPass directive of  the httpd-vhosts.key What is your first and last name? [Unknown]: cms. change the <VirtualHost _default:443> directive to <VirtualHost *:443> and inside this directive make the following changes:      - change ServerName directive value to localhost      - add the following just before the end of the <VirtualHost> closing tag:    ProxyRequests Off ProxyPreserveHost On ProxyPass / ajp://<IP_ADDRESS OR 127.conf file.1>:8009/ - Assuming openssl path is defined in the system. we can comment out the http-connector and httpsconnector elements in this file.ttsiglobal.conf -out <APACHE_HOME>/conf/server.https = 443 - towards the bottom of the httpd. What is the name of your organization? [Unknown]: Trillion Technologies. create self-signed temporary certificates in the  name of cms.properties file and  configure the following: port.0.conf file.crt -keyout <APACHE_HOME>/conf/server. uncomment  #include conf/extra/httpd-ssl.xml and do the following:      - in the <container> element catalina-container. This will make sure that we are not exposing these ports  inadvertently.com What is the name of your organizational unit? [Unknown]: Trillion Technologies. What is the name of your City or Locality? [Unknown]: Vienna .     - set ServerName directive value to localhost      - add the following just before the closing tag:   ProxyRequests Off ProxyPreserveHost On ProxyPass / ajp://<IP_ADDRESS OR 127.      - The beanshell container exposes telnet port 9900 to execute beanshell scripts.

need to configur OFBiz to use this./ctrscript. Thawte etc. Changed the admin.com/catalog shows all applications enabled with our application. which is then submitted to a authority like Verisign.sh restart apache   The servers can be accessed using: http://erp.com is mounted to point to the eCommerce demo store   https://erp. we download and import it into our keystore.What is the name of your State or Province? [Unknown]: Vienna What is the two-letter country code for this unit? [Unknown]: US    NOTE: The steps to create the certificate and publish to our server will require us to use keytool to generate a key and generate a cert request. flexadmin and demoadmin password to ofBiz   . We also. Asked for  userlogin/password.   Restarting the Apache server Since we are using the bitnami server.ttsiglobal.ttsiglobal. On receiving our certificate.          - Added an exception on the client browser to browse the site. we can use the controlscript to restart apache /opt/bitnami>. More information can be found in the OFBiz technical production setup documentation.

Sign up to vote on this title
UsefulNot useful