http://ofbiz.116.s1.nabble.com/Users-Apache-mod-jk-SSL-Cert-Why-do-I-see-OFBiz-Test-Cert-tp139503p139510.html
I updated Wiki. Please check if it is accurate.
That's it. I will modify wiki so that others don't spend so much time on
this poplular configuration. Thanks.
> I updated my httpd.conf and mod_jk.conf per Ray's suggestions (below).
> https traffic is still going through 8443 and uses OFBiz Test cert. :(
> Regards, Vinay
>
> <VirtualHost 72.29.99.94:80>
> ServerName www.grayzilla.com
> ServerAlias www.grayzilla.com grayzilla.com
> ServerAdmin
[hidden email]
> DocumentRoot /home/grayzilla/domains/grayzilla.com/public_html
> ScriptAlias /cgi-bin/
> /home/grayzilla/domains/grayzilla.com/public_html/cgi-bin/
>
> Alias /images/
> "/home/grayzilla/domains/grayzilla.com/ofbiz/framework/images/webapp/i
> mages/
> "
> <Location /images/WEB-INF/ >
> AllowOverride None
> deny from all
> </Location>
> Alias /static/
> "/home/grayzilla/domains/grayzilla.com/ofbiz/hot-deploy/grayzilla/weba
> pp/sta
> tic/"
> <Location /static/WEB-INF/ >
> AllowOverride None
> deny from all
> </Location>
> JkMount /control/* ajp13
>
> UseCanonicalName OFF
>
> SuexecUserGroup grayzilla grayzilla
> CustomLog /var/log/httpd/domains/grayzilla.com.bytes bytes
> CustomLog /var/log/httpd/domains/grayzilla.com.log combined
> ErrorLog /var/log/httpd/domains/grayzilla.com.error.log
>
> <Directory /home/grayzilla/domains/grayzilla.com/public_html>
> Options -Indexes FollowSymLinks
> AllowOverride None
> Order allow,deny
> Allow from all
> </Directory>
> </VirtualHost>
>
>
> <VirtualHost 72.29.99.94:443>
> SSLEngine on
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> SSLCertificateFile
> /usr/local/directadmin/data/users/grayzilla/domains/grayzilla.com.cert
> SSLCertificateKeyFile
> /usr/local/directadmin/data/users/grayzilla/domains/grayzilla.com.key
> SSLOptions +StdEnvVars +ExportCertData
>
> ServerName www.grayzilla.com
> ServerAlias www.grayzilla.com grayzilla.com
> ServerAdmin
[hidden email]
> DocumentRoot /home/grayzilla/domains/grayzilla.com/public_html
> ScriptAlias /cgi-bin/
> /home/grayzilla/domains/grayzilla.com/public_html/cgi-bin/
>
> Alias /images/
> "/home/grayzilla/domains/grayzilla.com/ofbiz/framework/images/webapp/i
> mages/
> "
> <Location /images/WEB-INF/ >
> AllowOverride None
> deny from all
> </Location>
> Alias /static/
> "/home/grayzilla/domains/grayzilla.com/ofbiz/hot-deploy/grayzilla/weba
> pp/sta
> tic/"
> <Location /static/WEB-INF/ >
> AllowOverride None
> deny from all
> </Location>
> JkMount /webtools/* ajp13
> JkMount /partymgr/* ajp13
> JkMount /content/* ajp13
> JkMount /catalog/* ajp13
> JkMount /accounting/* ajp13
> JkMount /ordermgr/* ajp13
> JkMount /marketing/* ajp13
> JkMount /financials/* ajp13
> JkMount /control/* ajp13
>
> UseCanonicalName OFF
>
> SuexecUserGroup grayzilla grayzilla
> CustomLog /var/log/httpd/domains/grayzilla.com.bytes bytes
> CustomLog /var/log/httpd/domains/grayzilla.com.log combined
> ErrorLog /var/log/httpd/domains/grayzilla.com.error.log
>
> <Directory /home/grayzilla/domains/grayzilla.com/public_html>
> Options -Indexes FollowSymLinks
> AllowOverride None
> Order allow,deny
> Allow from all
> </Directory>
> </VirtualHost>
>
> -----Original Message-----
> From:
[hidden email]
> [mailto:
[hidden email]]
> On Behalf Of Ray Barlow
> Sent: Tuesday, May 30, 2006 9:06 AM
> To: OFBiz Users / Usage Discussion
> Subject: Re: [OFBiz] Users - Apache, mod_jk, SSL Cert - Why do I see
> OFBiz Test Cert?
>
> You don't need two ajp13 workers for http and https one is fine. If
> you want to deploy more than one instance then you need to create
> another
> ajp13 worker with it's own name and port not equal to 8009.
>
> I would suggest that you move the "JkMount /static/* ajp13" values
> from mod_jk.conf in to each VirtualHost section of your httpd.conf,
> say after the script alias. I'm guessing at the moment Apache has only
> applied those mappings to port 80 communications. I have almost
> duplicate entries in each VirtualHost for the http and https to do the
> mapping so it is very clear to Apache what domains, ports and mount
> points are being routed through ajp13 and which worker again for when
> you deploy more than one instance. Also for the http I don't even map
> the backend applications as I have no desire for anybody using http to
>
> I choose not to route the /images mount through ajp13 to Tomcat as
> Apache is well seasoned at serving static content. Maybe this will
> change if and when image content becomes more dynamic and you want to
> control access to certain resources, otherwise just set up an alias
> directive into the relevant ofbiz images folder.
>
> If your https ecommerce url's keep showing port 8443 then you also
> need to change your webstore data as the default demo data sets it as
> 8443, so it will constantly be trying to divert the next https request
> to 8443. For a true test you should also be able to turn of the Tomcat
> hosting of 8080 and
> 8443 in the ofbiz xml config file, so it is only available through ajp13.
>
> Ray
>
>
>
>
> _______________________________________________
> Users mailing list
>
[hidden email]
>
http://lists.ofbiz.org/mailman/listinfo/users>
>
>