The rewrite module can be used to automatically rewrite all HTTP requests to HTTPS.
To have a secure communication, SSLEnable will enable SSL for the VirtualHost and SSLDisable will disable the SSL outside the VirtualHost
Step 1:Load the SSL modules in the configuration file
Modules:
LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
Step 2: Provide the KeyFile location generated using ikeyman under the virtual hosts where SSL is enabled
KeyFile /opt/IBM/HTTPServer/conf/ihsserverkey.kdb
The KeyFile points to the key database file that contains the personal server certificates required by the browser during an SSL handshake
Step 3: Place the sample template in the configuration file which listens to 443
Configuration:
LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
Listen 443
<VirtualHost *:443>
ProxyPreserveHost On
ServerName <servername>
ServerAlias *.<servername>
ServerAdmin server@admin
SSLEnable
SSLProxyEngine on
KeyFile /opt/IBM/HTTPServer/conf/ihsserverkey.kdb
## Application specific logs
ErrorLog /var/log/apache/<servername>-error.log
CustomLog /var/log/apache/<servername>-access.log combined
AllowEncodedSlashes On
RewriteEngine on
RewriteCond %{SERVER_PORT} (.*)
RewriteRule (.*) - [E=my_server_port:%1]
## NOTE: The 'REQUEST_SCHEME' Header is supported only from apache version 2.4 and above
RewriteCond %{REQUEST_SCHEME} (.*)
RewriteRule (.*) - [E=my_scheme:%1]
RewriteCond %{HTTP_HOST} (.*)
RewriteRule (.*) - [E=my_custom_host:%1]
RewriteRule "^/(v2)/(.*)$" "/artifactory/$1/$2" [P]
RewriteRule ^/$ /artifactory/webapp/ [R,L]
RewriteRule ^/artifactory(/)?$ /artifactory/webapp/ [R,L]
RewriteRule ^/artifactory/webapp$ /artifactory/webapp/ [R,L]
RequestHeader set Host %{my_custom_host}e
RequestHeader set X-Forwarded-Port %{my_server_port}e
## NOTE: {my_scheme} requires a module which is supported only from apache version 2.4 and above
RequestHeader set X-Forwarded-Proto %{my_scheme}e
RequestHeader set X-Artifactory-Override-Base-Url %{my_scheme}e://<servername>:%{my_server_port}e/artifactory
ProxyPassReverseCookiePath /artifactory /artifactory
ProxyRequests off
ProxyPreserveHost on
ProxyPass /artifactory/ http://<server-ip>/artifactory
ProxyPassReverse /artifactory/ http://<server-ip>/artifactory
</VirtualHost>
SSLDisable
To have a secure communication, SSLEnable will enable SSL for the VirtualHost and SSLDisable will disable the SSL outside the VirtualHost
Step 1:Load the SSL modules in the configuration file
Modules:
LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
Step 2: Provide the KeyFile location generated using ikeyman under the virtual hosts where SSL is enabled
KeyFile /opt/IBM/HTTPServer/conf/ihsserverkey.kdb
The KeyFile points to the key database file that contains the personal server certificates required by the browser during an SSL handshake
Step 3: Place the sample template in the configuration file which listens to 443
Configuration:
LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
Listen 443
<VirtualHost *:443>
ProxyPreserveHost On
ServerName <servername>
ServerAlias *.<servername>
ServerAdmin server@admin
SSLEnable
SSLProxyEngine on
KeyFile /opt/IBM/HTTPServer/conf/ihsserverkey.kdb
## Application specific logs
ErrorLog /var/log/apache/<servername>-error.log
CustomLog /var/log/apache/<servername>-access.log combined
AllowEncodedSlashes On
RewriteEngine on
RewriteCond %{SERVER_PORT} (.*)
RewriteRule (.*) - [E=my_server_port:%1]
## NOTE: The 'REQUEST_SCHEME' Header is supported only from apache version 2.4 and above
RewriteCond %{REQUEST_SCHEME} (.*)
RewriteRule (.*) - [E=my_scheme:%1]
RewriteCond %{HTTP_HOST} (.*)
RewriteRule (.*) - [E=my_custom_host:%1]
RewriteRule "^/(v2)/(.*)$" "/artifactory/$1/$2" [P]
RewriteRule ^/$ /artifactory/webapp/ [R,L]
RewriteRule ^/artifactory(/)?$ /artifactory/webapp/ [R,L]
RewriteRule ^/artifactory/webapp$ /artifactory/webapp/ [R,L]
RequestHeader set Host %{my_custom_host}e
RequestHeader set X-Forwarded-Port %{my_server_port}e
## NOTE: {my_scheme} requires a module which is supported only from apache version 2.4 and above
RequestHeader set X-Forwarded-Proto %{my_scheme}e
RequestHeader set X-Artifactory-Override-Base-Url %{my_scheme}e://<servername>:%{my_server_port}e/artifactory
ProxyPassReverseCookiePath /artifactory /artifactory
ProxyRequests off
ProxyPreserveHost on
ProxyPass /artifactory/ http://<server-ip>/artifactory
ProxyPassReverse /artifactory/ http://<server-ip>/artifactory
</VirtualHost>
SSLDisable