软件包:
a.httpd-2.0.61.tar.gz
b.mod_jk-1.2.26-httpd-2.0.61.so
c.openssl-0.9.8.tar.gz
d.ssl.ca-0.1.tar.gz
e. jboss 4.0.5
1.安装openssl-0.9.8.tar.gz
./config --prefix=/usr/local/openssl
make
make install
2.安装apache
./configure --prefix=/usr/local/apache2 --enable-so --enable-rewrite --with-ssl=/usr/local/openssl --enable-mods-shared=all
make
make install
3.做证书
可以利用ssl.ca-0.1.tar.gz,最后sign.sh签入
也可以利用openssl本身命令生成证书,利用CA.sh
4.配置
a.mod_jk.conf
########## Added by TFB ###############################
LoadModule jk_module modules/mod_jk-1.2.26-httpd-2.0.61.so
# Where to find workers.properties
JkWorkersFile conf/workers.properties
# Where to put jk logs
JkLogFile logs/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
# JkOptions indicates to send SSK KEY SIZE
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat
JkRequestLogFormat "%w %V %T"
# Mount your applications
JkMount / loadbalance
JkMount /* loadbalance
# You can use external file for mount points.
# It will be checked for updates each 60 seconds.
# The format of the file is: /url=worker
# /examples/*=loadbalance
# Add shared memory.
# This directive is present with 1.2.10 and
# later versions of mod_jk, and is needed for
# for load balancing to work properly
JkShmFile logs/jk.shm
# Add jkstatus for managing runtime data
JkMount status
Order deny,allow
Deny from all
Allow from 127.0.0.1
b. workers.properties
# Define 1 real worker using ajp13
worker.list=loadbalance,status
# Set properties for default (ajp13)
worker.server1.port=8009
worker.server1.host=192.168.206.210
worker.server1.type=ajp13
worker.server1.lbfactor=1
worker.server1.cachesize=20
worker.server2.port=8009
worker.server2.host=192.168.105.219
worker.server2.type=ajp13
worker.server2.lbfactor=1
worker.server2.cachesize=20
worker.loadbalance.type=lb
worker.loadbalance.balance_workers=server2,server1
worker.loadbalance.sticky_session=1
worker.status.type=status
5.校正
利用apachectl startssl启动,可能利用https转不到jboss下,因为在apache 中的conf目录下ssl.conf,把VirtualHost _default_:443把其comment掉,和下面一行comment掉,就可以了.
当时,我搞这个问题,郁闷了半天,https可以,就是转不到jboss 下