Configuring Ubuntu Linux

Prerequisites

For configuration, you will need the following utilities:

  • Delinea Credential Cache directory

  • Installed .net Core on RedHat

Installing .net Core on Ubuntu

Open the Ubuntu command prompt with root privileges and run the commands in the order listed below.

  1. Get Ubuntu version

    declare repo_version=$(if command -v lsb_release &> /dev/null; then lsb_release -r -s; else grep -oP '(?<=^VERSION_ID=).+' /etc/os-release | tr -d '"'; fi)

  2. Download the Microsoft signing key and repository

    wget https://packages.microsoft.com/config/ubuntu/$repo_version/packages-microsoft-prod.deb -O packages-microsoft-prod.deb

  3. Install Microsoft signing key and repository

    sudo dpkg -i packages-microsoft-prod.deb

  4. Clean up

    rm packages-microsoft-prod.deb

  5. Install aspnetcore runtime 242654

    sudo apt install aspnetcore-runtime-7.0

Setting up Apache Tomcat as a Proxy Server for HTTP Websites

  1. In the Ubuntu Linux command prompt, run the sudo apt install apache2 command to install Apache Tomcat.

  2. Create the Apache Tomcat config file by running the sudo nano /etc/apache2/sites-available/credcache.conf command.

  3. In the created config file, insert the data below and replace the file path and URLs if required:

    <VirtualHost *:80> ServerName your-domain.com ProxyPass / http://localhost:8080/ ProxyPassReverse / http://localhost:8080/ </VirtualHost>

  4. Press Ctrl + O to write changes, press Enter, and finally, press Ctrl + X to exit.

  5. Run the following command to enable the proxy and proxy_http:

    1. sudo a2enmod proxy

    2. sudo a2enmod proxy_http

    3. sudo a2enmod SSL

  6. Restart the Tomcat server by running the sudo systemctl restart apache2 command.

Setting up Apache Tomcat as a Proxy Server for HTTPS Websites

  1. In the Ubuntu Linux command prompt, run the sudo apt install apache2 command to install Apache Tomcat.

  2. Install OpenSSL on a Linux computer by running the following commands:

    1. sudo apt-get update

    2. sudo apt-get install openssl

  3. Create OpenSSL config file by running the sudo nano /etc/ssl/openssl2.cnf command.

  4. In the created config file, insert the following data:

    [req] default_bits = 2048 default_keyfile = localhost.key distinguished_name = req_distinguished_name req_extensions = req_ext x509_extensions = v3_ca [req_distinguished_name] countryName = Country Name (2 letter code) countryName_default = US stateOrProvinceName = State or Province Name (full name) stateOrProvinceName_default = New York localityName = Locality Name (eg, city) localityName_default = Rochester organizationName = Organization Name (eg, company) organizationName_default = localhost organizationalUnitName = organizationalunit organizationalUnitName_default = Development commonName = websphere-ubuntu.gamma.thycotic.com commonName_default = websphere-ubuntu.gamma.thycotic.com commonName_max = 64 [req_ext] subjectAltName = @alt_names [v3_ca] subjectAltName = @alt_names [alt_names] DNS.1 = websphere-ubuntu.gamma.thycotic.com DNS.2 = localhost IP.1 = 10.60.12.156

  5. Also, replace the valid common name, DNS name (full name of the computer [hostname -f]), and IP address of the Linux computer.

  6. Press Ctrl + O to write changes, press Enter, and finally, press Ctrl + X to exit.

  7. Generate a self-signed certificate by running the following command:

    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/selfsigned.key -out /etc/ssl/certs/selfsigned.crt -config /etc/ssl/openssl2.cnf

  8. Generate a self-signed certificate in .pfx format by running the following command:

    sudo openssl pkcs12 -export -out /etc/ssl/certs/selfsigned.pfx -inkey /etc/ssl/private/selfsigned.key -in /etc/ssl/certs/selfsigned.crt

  9. Run the sudo nano /etc/apache2/sites-available/credcache.conf command to create the Apache Tomcat config file.

  10. In the created config file, insert the following data and replace the file path and URLs if required:

    <VirtualHost *:443> ServerName cyb-ubuntu.prs.thycotic.com SSLEngine on SSLCertificateFile /etc/ssl/certs/selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/selfsigned.key SSLProxyEngine on ProxyPass / http://localhost:5000/ ProxyPassReverse / http://localhost:5000/ </VirtualHost>

  11. Press Ctrl + O to write changes, press Enter, and finally, press Ctrl + X to exit.

  12. Run the following commands to enable the proxy and proxy_http:

    1. sudo a2enmod proxy

    2. sudo a2enmod proxy_http

    3. sudo a2enmod SSL

  13. Restart the Tomcat server by running the sudo systemctl restart apache2 command.