Apache SSL Reverse Proxy 설정방법

0 투표

Running behind an Apache SSL Reverse Proxy

Note: You must use the outside https address for the value at ROOT_URL in [[Section 3 Deploy-Rocket.Chat-without-docker#3-download-rocketchat]] above. This includes the https:// and leave off the port number. So instead of ROOT_URL=http://localhost:3000 use something like https://your_hostname.com

Run this as root:

apt-get update
apt-get install apache2
a2enmod proxy_http
a2enmod proxy
a2enmod ssl
a2enmod proxy_wstunnel
a2enmod rewrite

Add your private key to /etc/ssl/private/chat.domain.com.key

Lock down permissions: chmod 400 /etc/ssl/private/chat.domain.com.key

Add your certificate to /etc/ssl/certs/chat.domain.com.crt

Add your intermediate to /etc/ssl/certs/intermediate.ca.pem

Edit /etc/apache2/sites-enabled/rocketchat.conf and be sure to use your actual hostname in lieu of the sample hostname “your_hostname.com” below.

<VirtualHost *:443>

ServerAdmin [email protected]
ServerName chat.domain.com
ErrorLog /var/log/chat.domain.com_error.log
TransferLog /var/log/chat.domain.com_access.log
LogLevel info
SSLEngine On
SSLCertificateFile /etc/ssl/certs/chat.domain.com.crt
SSLCertificateKeyFile /etc/ssl/private/chat.domain.com.key
SSLCertificateChainFile /etc/ssl/certs/intermediate.ca.pem

<Location />
        Order allow,deny
        Allow from all
</Location>

RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*)           ws://localhost:3000/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*)           http://localhost:3000/$1 [P,L]

ProxyPassReverse / http://localhost:3000/
</VirtualHost>

Restart Apache: service apache2 restart

당신의 답변

보여지는 당신의 이름 (옵션):
개인정보 보호: 이메일 주소는 이 알림을 발송하기 위해 사용됩니다.
안티-스팸 확인:
앞으로 이 검증을 피하려면,로그인 혹은 가입 하시기바랍니다.
구로역 맛집 시흥동 맛집
이 포스팅은 쿠팡 파트너스 활동의 일환으로, 이에 따른 일정액의 수수료를 제공받습니다.
add
...