Kohei Nozaki's blog 

Enabling SSL for Apache/WildFly

Posted on Monday Feb 09, 2015 at 05:56PM in Technology

Environment

  • WildFly 8.2.0.Final

  • httpd-2.2.15-39.el6.centos.x86_64

  • CentOS 6.5

Put SSL related files

  • public.crt: begins with BEGIN CERTIFICATE

  • intermediate.crt: begins with BEGIN CERTIFICATE

  • private.key: begins with BEGIN RSA PRIVATE KEY

Edit /etc/httpd/conf.d/ssl.conf

SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCertificateFile /usr/local/ssl/public.crt
SSLCertificateKeyFile /usr/local/ssl/private.key
SSLCertificateChainFile /usr/local/ssl/intermediate.crt
SSLPassPhraseDialog exec:/usr/local/ssl/passphrase.sh

Put passphrase.sh

#!/bin/sh
echo "put the passphrase here"

Define an ajp-listener

Execute following command with jboss-cli:

/socket-binding-group=standard-sockets/socket-binding=https-external:add(port=443)
/subsystem=undertow/server=default-server/ajp-listener=myListener:add(socket-binding=ajp, redirect-socket="https-external", enabled=true)

Put /etc/httpd/conf.d/jk.conf

<VirtualHost *:80>
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / http://www.example.org/
</VirtualHost>

Put following inside VirtualHost element of /etc/httpd/conf.d/ssl.conf

ProxyPass / ajp://localhost:8009/
ProxyPassReverse / https://www.example.org/

Comments [0]

Tags: apache ssl wildfly

No one has commented yet.

Leave a Comment

HTML Syntax: NOT allowed

Welcome

You're viewing a weblog entry titled Enabling SSL for Apache/WildFly. If you like this entry you might want to:

del.icio.us Bookmark it submit to dig digg.com Digg it

This is just one entry in the weblog Kohei Nozaki's blog. Why don't you visit the main page of the weblog?

Related entries