Configuring Red Hat Enterprise Linux

Setting up Apache Tomcat as a Proxy Server with HTTP

These instructions provide information for setting up Apache Tomcat as a proxy server for websites with HTTP.

Run the commands in the order listed below to install Java for Apache Tomcat.

  1. sudo yum update

  2. sudo yum install java-11-openjdk

  3. java -version

Configuring Apache Tomcat HTTP Proxy Web Server

Run the commands in the order listed below.

  1. sudo yum update

  2. sudo yum install httpd

Creating the Apache Tomcat HTTP Proxy Server Config File

  1. Run the nano /etc/httpd/conf.d/ssl.conf command.

  2. In the created config file, insert the data below and replace the file path and URLs if required.

    <VirtualHost *:80>
        ServerName your-domain.com
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/
    </VirtualHost>

  3. Press Ctrl + O to write changes, press Enter, and finally, press Ctrl + X to exit.

  4. Run the following commands to enable the proxy and proxy_http:

    sudo yum install mod_proxy mod_proxy_http mod_proxy_ssl
    sudo systemctl start httpd
    sudo systemctl restart httpd

  5. Check the error log if required.

    tail -f /etc/httpd/logs/ssl_error_log
    tail -f /var/log/httpd/error_log
    tail -f /var/log/httpd/access_log

Setting up Apache Tomcat as a Proxy Server for HTTPS Websites

  1. Run the commands for the Java installation described in the section.

  2. Install OpenSSL on a Red Hat Enterprise Linux computer by running the following commands:

  3. Run the sudo yum install openssl command.

  4. Run the nano /etc/ssl/openssl2.cnf command to create the OpenSSL configuration file.

  5. In the created config file, insert the following data:

    [req]
    default_bits = 2048
    default_keyfile = localhost.key
    distinguished_name = req_distinguished_name
    req_extensions = req_ext
    x509_extensions = v3_ca

    [req_distinguished_name]
    countryName = Country Name (2 letter code)
    countryName_default = US
    stateOrProvinceName = State or Province Name (full name)
    stateOrProvinceName_default = New York
    localityName = Locality Name (eg, city)
    localityName_default = Rochester
    organizationName = Organization Name (eg, company)
    organizationName_default = localhost
    organizationalUnitName = organizationalunit
    organizationalUnitName_default = Development
    commonName = websphere-ubuntu.gamma.thycotic.com
    commonName_default = websphere-ubuntu.gamma.thycotic.com
    commonName_max = 64

    [req_ext]
    subjectAltName = @alt_names

    [v3_ca]
    subjectAltName = @alt_names

    [alt_names]
    DNS.1 = websphere-ubuntu.gamma.thycotic.com
    DNS.2 = localhost
    IP.1 = 10.60.12.156

  6. Replace the common name, DNS name (full name of the computer [hostname -f]), and IP address with the valid values for the Linux computer.

  7. Press Ctrl + O to write changes, press Enter, and finally, press Ctrl + X to exit.

  8. Generate a self-signed certificate by running the following command:

    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/selfsigned.key -out /etc/ssl/certs/selfsigned.crt -config /etc/ssl/openssl2.cnf

  9. Generate a self-signed certificate in .pfx format by running the following command:

    sudo openssl pkcs12 -export -out /etc/ssl/certs/selfsigned.pfx -inkey /etc/ssl/private/selfsigned.key -in /etc/ssl/certs/selfsigned.crt

  10. Run the nano /etc/httpd/conf.d/ssl.conf command to create the Apache Tomcat config file.

  11. In the created config file, insert the following data and replace the file path and URLs if required:

    <VirtualHost *:443>
        ServerName cyb-ubuntu.prs.thycotic.com
        SSLEngine on
        SSLCertificateFile /etc/ssl/certs/selfsigned.crt
        SSLCertificateKeyFile /etc/ssl/private/selfsigned.key
        SSLProxyEngine on
        ProxyPass / http://localhost:5000/
        ProxyPassReverse / http://localhost:5000/
    </VirtualHost>

  12. Press Ctrl + O to write changes, press Enter, and finally, press Ctrl + X to exit.

  13. Run the following commands to enable the proxy and proxy_https:

    sudo yum install mod_proxy mod_proxy_http mod_proxy_ssl
    sudo systemctl start httpd
    sudo systemctl restart httpd

  14. Check the error log if required by running the following commands:

    tail -f /etc/httpd/logs/ssl_error_log
    tail -f /var/log/httpd/error_log
    tail -f /var/log/httpd/access_log
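
Before restarting httpd in step 13, the files generated in step 8 can be checked against what the virtual host in step 11 expects: owner-only permissions on the key, a key that matches the certificate, the host name present in subjectAltName, and a validity period that is not about to end. The script below is an added example, not part of the original instructions; the function name check_cert_pair and the file name check_cert.sh are hypothetical, and GNU stat (as shipped with Red Hat Enterprise Linux) is assumed.

```bash
#!/usr/bin/env bash
# Added example. check_cert_pair is a hypothetical helper, not an httpd or OpenSSL tool.
# Usage: check_cert_pair <certificate> <private key> <host name clients will use>
check_cert_pair() {
    local cert="$1" key="$2" name="$3" rc=0 mode cert_pub key_pub

    # 1. The private key must not be readable by group or others.
    mode=$(stat -c '%a' "$key") || return 2
    case "$mode" in
        ?00) ;;
        *) echo "FAIL: $key has mode $mode, expected owner-only access such as 600"; rc=1 ;;
    esac

    # 2. The certificate must contain the public half of this private key.
    #    Compare the PEM text itself so two failed reads never look like a match.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null)
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null)
    if [ -z "$cert_pub" ] || [ "$cert_pub" != "$key_pub" ]; then
        echo "FAIL: $cert and $key do not belong together"; rc=1
    fi

    # 3. The host name must be an exact subjectAltName entry (no substring match).
    if ! openssl x509 -in "$cert" -noout -text 2>/dev/null |
            tr ',' '\n' | sed 's/^ *//; s/ *$//' | grep -qxF "DNS:$name"; then
        echo "FAIL: DNS:$name is not listed in subjectAltName"; rc=1
    fi

    # 4. -days 365 means the certificate lapses after a year; flag the last 30 days.
    if ! openssl x509 -in "$cert" -noout -checkend 2592000 >/dev/null 2>&1; then
        echo "FAIL: $cert expires within 30 days or cannot be read"; rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: $cert and $key are usable for $name"
    return "$rc"
}

# With three arguments, check the files named on the command line, for example
# (check_cert.sh is a hypothetical file name for this script):
#   sudo bash check_cert.sh /etc/ssl/certs/selfsigned.crt \
#       /etc/ssl/private/selfsigned.key "$(hostname -f)"
if [ "$#" -eq 3 ]; then
    check_cert_pair "$@"
fi
```

A non-zero exit status means at least one check failed; each failure is printed on its own line.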