Openssl certificates for apache

In my former post i described a way how to create self signed SSL certificates with an own certificate authority. These certificates didn’t work in latest chrome versions so I updated my scripts to create valid certificates for chrome. This time I only create wildcard certificates because creating one for every subdomain was annoying.

I also tried to use these certificates in postfix which did NOT work. To create files for postfix see my former post.

 

SSL certificates for apache

Simple way to create self-signed SSL certificates.

 

Apache2 with Git Smart HTTP

Install git-core and apache2. Also make sure required modules are loaded:

To create a git server with smart protocol, I used the following script in /var/gitwww:

And I configured my default virtualhost as following:

After that restart your apache and create a master branch from your client:

 

Bug in htpasswd.exe

I tried to configure basic authentication under an apache 2.4.4 and could not find out why my password didn’t match. Just got the following line in the log though my password was correct:

[…] [auth_basic:error] [pid …:tid …] [client ::…] AH01617: user ___: authentication failure for “/asd/”: Password Mismatch, referer: http://localhost/

So I found the following bug description https://issues.apache.org/bugzilla/show_bug.cgi?id=54735. To come over this I just had to use httpasswd with the -b flag to provide the password from command line instead of prompting for it.

apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1 for ServerName

on local webservers without specific domain I often came over the stated apache warning. Here is how to get rid of it:

  • Check your /etc/hosts that there are entries for localhost, localhost.domainname, hostname, hostname.domainname.
  • Last edit /etc/apache2/httpd.conf and add ServerName hostname to the file.
  • Restart apache

Nexus server behind an apache2 proxy

the following howto explains how to install a default nexus server behind an apache2 proxy on a debian host.

First install apache and java download nexus and prepare for configuration. You’ll find the latest version of nexus under http://nexus.sonatype.org/downloads/

[codesyntax lang=”bash”]

[/codesyntax]

Change root path of the nexus web application in /usr/local/nexus/conf/plexus.properties from /nexus to /

[codesyntax lang=”bash”]

[/codesyntax]

Then add a new vhost to apache:

[codesyntax lang=”apache”]

[/codesyntax]

Apache needs some additional modules loaded and nexus has to be started too.

[codesyntax lang=”bash”]

[/codesyntax]

After this you should be able to access the nexus server via http://nexus-host:8081/ and http://nexus-host/. The first one is the webapp behind the proxy. Of course you have to replace the hostname or create an appropriate /etc/hosts entry.

As described, this setup is a nexus only host without NameVirtualHost configuration. You can add ServerName and ServerAlias if you want to be able to deploy other vhosts. If you want to share the vhost with other applications, just skip the part with changes in the nexus.properties file or change the value to the wanted path. Then you have to use different lines for proxy configuration. For example, if you want too keep /nexus, you have to use

[codesyntax lang=”bash”]

[/codesyntax]