Issue
I've implemented a JavaEE project with JSF and deployed into my local Wildly server. Right now I'm perfectly ok and I can access it with any browser by typing http://localhost:8080/gestionale/. Right now I want to move the project to the cloud in a Linux machine. The idea is to setup Apache with SSL/TLS with Let's Encrypt in order to encrypt all the data, but I'm not sue how to implement this in the Apache server configuration. May this work?
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName mydomain.com
ServerAlias www.mydomain.com
ProxyPass / http://127.0.0.1:8080/gestionale/
ProxyPassReverse / http://127.0.0.1:8080/gestionale/
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile fullchain.pem
SSLCertificateKeyFile privkey.pem
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
</VirtualHost>
</IfModule>
The idea is access the JSF project by using mydomain.com directly: is this possible? Does all the data exchanged TLS/SSL secured?
Solution
Make your life easier by starting with unencrypted. A basic configuration would be:
<VirtualHost *:80>
ServerName www.mydomain.tld
ProxyPreserveHost on
ProxyPass / http://127.0.0.1:8080/gestionale/
ProxyTimeout 360
</VirtualHost>
Then, install Certbot and run the what the instructions tell you to. For example, on Ubuntu you'd run:
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get install certbot python-certbot-apache
sudo certbot --apache
Certbot will update your Apache SSL configuration for you. It will also ask you if you want to setup redirection from HTTP to HTTPS (a generally good idea).
Make sure that your domain name resolves correctly in DNS or you won't be able to correctly run certbot. That's the advantage of HTTP only at first to validate that everything is setup correctly.
Answered By - stdunbar Answer Checked By - Pedro (PHPFixing Volunteer)
Posts
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.