Production Installation (adding HTTPS support)
Мухаметали Кусайынов
Hello everyone. I need your help. I want to run DSpace in Production and I can't understand the installation instructions in point - 16 Production Installation (adding HTTPS support). I have never deployed a website in my life and this is the first time I am deploying a website. Therefore, I ask you to describe in detail step by step how to do it:
I installed apache httpd. Command -sudo apt install apache2
And I installed the mod_proxy and mod_proxy_ajp modules. Command - sudo a2enmod proxy; sudo a2enmod proxy_ajp
I have included AJP connector in Tomcat server.xml
I restarted apache. Command - sudo systemctl restart tomcat9.service
I have an SSL certificate from the university.
Where to put an SSL certificate?
How to set up a new VirtualHost? Where should it be by default? Or does it need to be created? If it needs to be created, what format should the file be (for example: .txt , .xml, )?
I have a frontend be in the dspace-angular-dspace-7.4 folder
Here is a similar question on VirtualHost, where can I find it?
I apologize in advance if I wrote with errors or rudely, I used Google translator, because I speak English poorly.
With best regards. Kussayinov Mukhametali.
Mark H. Wood
https://groups.google.com/g/dspace-tech
or
dspac...@googlegroups.com
On Thu, Jan 05, 2023 at 01:35:42AM -0800, Мухаметали Кусайынов wrote:
> Hello everyone. I need your help. I want to run DSpace in Production and I
> can't understand the installation instructions in point - 16 Production
> Installation (adding HTTPS support). I have never deployed a website in my
> life and this is the first time I am deploying a website. Therefore, I ask
> you to describe in detail step by step how to do it:
>
> I installed apache httpd. Command -sudo apt install apache2
> And I installed the mod_proxy and mod_proxy_ajp modules. Command - sudo
> a2enmod proxy; sudo a2enmod proxy_ajp
> I have included AJP connector in Tomcat server.xml
> I restarted apache. Command - sudo systemctl restart tomcat9.service
> I have an SSL certificate from the university.
> Where to put an SSL certificate?
package manager may have created and configured a temporary
certificate for testing.
You seem to be using a Linux distribution based on Debian GNU/Linux.
Probably Ubuntu -- that seems to be the most popular.
One reasonable thing to do would be to copy your certificate to the
place where the testing certificate was placed. I installed apache2
on Raspbian (another derivative of Debian) and found that
/etc/apache2/sites-available/default-ssl.conf contains the
'SSLCertificateFile' and 'SSLCertificateKeyFile' directives, pointing
to files in '/etc/ssl/certs' and '/etc/ssl/private'. So, you might
put your certificate and key files there.
You might wish to keep your certificates separated from the main
certificate store. Another reasonable thing to do would be to create
another directory in '/etc/ssl' (perhaps named 'httpd') and copy your
certificate and key to there.
The 'SSLCertificateFile' and 'SSLCertificateKeyFile' directives tell
HTTPD where to find these files, and can point to any place that you
think best. These directives are placed inside a virtual host block.
It would be good to read and understand
https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html
https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatefile
(and related directives in that page).
It is unfortunate that those pages are available only in English and French.
> 7.
> How to set up a new VirtualHost? Where should it be by default? Or does
> it need to be created? If it needs to be created, what format should the
> file be (for example: .txt , .xml, )?
already created one. I have little experience with running services
on Debian derivatives, so perhaps someone else should advise on how to
enable the SSL virtual host.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu