--Install Apache HTTP Server and mod_ssl on CentOS Linux 8 and set up a reverse proxy to the https server
$ cat /etc/centos-release
CentOS Linux release 8.1.1911 (Core)
Install the httpd package with the dnf install command.
$ sudo dnf install httpd
Confirm that it has been installed.
$ dnf list --installed httpd
Installed packages
httpd.x86_64 2.4.37-16.module_el8.1.0+256+ae790463 @AppStream
$ which httpd
/usr/sbin/httpd
$ httpd -v
Server version: Apache/2.4.37 (centos)
Server built: Dec 23 2019 20:45:34
$ httpd -V
Server version: Apache/2.4.37 (centos)
Server built: Dec 23 2019 20:45:34
Server's Module Magic Number: 20120211:83
Server loaded: APR 1.6.3, APR-UTIL 1.6.1
Compiled using: APR 1.6.3, APR-UTIL 1.6.1
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="run/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
Enable the systemd httpd service.
$ sudo systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
Start Apache with the systemctl start command.
$ sudo systemctl start httpd
Check the status of Apache.
$ systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2020-03-23 21:55:04 JST; 7min ago
Docs: man:httpd.service(8)
There is an Apache configuration file under / etc / httpd /. The main config file is /etc/httpd/conf/httpd.conf, which adds other config files with the Include directive.
$ tree /etc/httpd/
/etc/httpd/
├── conf
│ ├── httpd.conf
│ └── magic
├── conf.d
│ ├── README
│ ├── autoindex.conf
│ ├── userdir.conf
│ └── welcome.conf
├── conf.modules.d
│ ├── 00-base.conf
│ ├── 00-dav.conf
│ ├── 00-lua.conf
│ ├── 00-mpm.conf
│ ├── 00-optional.conf
│ ├── 00-proxy.conf
│ ├── 00-systemd.conf
│ ├── 01-cgi.conf
│ ├── 10-h2.conf
│ ├── 10-proxy_h2.conf
│ └── README
├── logs -> ../../var/log/httpd
├── modules -> ../../usr/lib64/httpd/modules
├── run -> /run/httpd
└── state -> ../../var/lib/httpd
7 directories, 17 files
Install the mod_ssl package with the dnf install command.
$ sudo dnf install mod_ssl
The configuration files ssl.conf and 00-ssl.conf have been added, so add them with the Include directive if necessary.
$ find /etc/httpd | grep ssl
/etc/httpd/conf.d/ssl.conf
/etc/httpd/conf.modules.d/00-ssl.conf
For example, write the following contents in the configuration file of /etc/httpd/conf/httpd.conf. This time, I put them together in one configuration file without using the Include directive.
ServerRoot "/etc/httpd"
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule systemd_module modules/mod_systemd.so
Listen 80
User apache
Group apache
ErrorLog "logs/error_log"
ProxyRequests Off
SSLProxyEngine On
ProxyPass /foobar/ https://hogehoge.example.com/foobar/
ProxyPassReverse /foobar/ https://hogehoge.example.com/foobar/
You can check if the configuration file is correct with the apachectl configtest command.
$ apachectl configtest
Syntax OK
If the settings are correct, restart Apache for the settings to take effect.
$ sudo systemctl restart httpd
Access with curl etc. and check that the response is returned from the server that generated the content.
$ curl --include --silent http://localhost/foobar/ | head
HTTP/1.1 200 OK
Date: Mon, 23 Mar 2020 13:05:09 GMT
Server: Foobar Frontend
Content-Type: text/html;charset=utf-8
Content-Length: 9876
<!DOCTYPE html>
<html>
<head>
<title>Hello, world.</title>
-[Chapter 1 Apache HTTP Web Server Settings Red Hat Enterprise Linux 8 \ | Red Hat Customer Portal](https://access.redhat.com/documentation/ja-jp/red_hat_enterprise_linux/8/html/deploying_different_types_of_servers/setting- apache-web-server_deploying-different-types-of-servers) -[1 \ .9 . Mod \ _ssl Module Activation Red Hat Enterprise Linux 8 \ | Red Hat Customer Portal](https://access.redhat.com/documentation/ja-jp/red_hat_enterprise_linux/8/html/ deploying_different_types_of_servers / enabling-mod-ssl-module_setting-apache-web-server)
Recommended Posts