wiki:UbuntuConfiguringApache2ServerSSLProxy

Version 3 (modified by JuergeN, 9 years ago) (diff)

--

Configuring Apache2 Server as SSL Proxy with htdigest auth

If you want to secure your DeepaMehta server e.g. on a public webserver, you should definitely consider secure https via SSL and and some sort of authentication. As DeepaMehta does not yet support these features natively, you can use an Apache2 Server and run it as an SSL proxy with htdigest authentication. Just follow these steps:

  1. Install apache2 webserver
    aptitude install apache2
    
  2. Load the required modules
    a2enmod ssl proxy proxy_http
    
  3. Create htdigest file with user and password
    htdigest -c /etc/apache2/.htdigest deepamehta.yourdomain.tld username 
    
  4. Create file deepamehta in /etc/apache2/sites-available:
     <VirtualHost *:443>
        
        ServerName deepamehta.yourdomain.tld
        ServerAdmin postmaster@yourdomain.tld
    
        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/deepamehta.yourdomain.tld.pem
    
        ErrorLog /var/log/apache2/deepamehta-error.log
        CustomLog /var/log/apache2/deepamehta-access.log combined
        
        RewriteEngine On 
        RewriteRule ^/?$ http://localhost:8080/index.html [P] 
        
        ProxyRequests Off
        ProxyPreserveHost Off
        ProxyStatus On
        
        <Proxy *>
    	Order deny,allow
            Allow from all
        </Proxy>
        
        <location />
    	Order allow,deny
    	Allow from all
    	AuthType Digest
    	AuthName "deepamehta.yourdomain.tld"
    	AuthUserFile /etc/apache2/.htdigest
    	Require valid-user
    	ProxyPass http://localhost:8080/
    	ProxyPassReverse http://localhost:8080/
        </location>
    
     </VirtualHost>
    
  5. Create link to /etc/apache2/sites-available/deepamehta in /etc/apache2/sites-enabled and restart the webserver ...

That's it! You can now securely connect to https://deepamehta.your.domain.tld and will be asked to identify yourself with a username and password.