cancel
Showing results for 
Search instead for 
Did you mean: 

Problem while configuring the Apache Web Server as the Intermediary Server

Former Member
0 Kudos

Hello,

I want to use Apache 2.0 web-server as a proxy for my SAP EP so that I could access http://portal_server:50000/irj through this Apache external web-server.

I checked this sap help link as a reference.

http://help.sap.com/saphelp_nw04/helpdata/en/18/5cea2296190e4cb7faf9468ad793ea/frameset.htm

But still not clear what exact configuration I need to do in the httpd.conf file. I searched the posted forums on this topic but couldnt get exact steps.

It would be grateful if anyone can guide me on this configuration (redirecting url etc).

Thanks in advance.

-Mandar

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

STEPS OF SECURE APACHE-SSL

1.Install apache version like apache_x_y_z_win32.exe also select the right combination of mod_ssl and Openssl.

(Like for apache1.3.33 you need mod_ssl_2.8.22 and Openssl_0.9.7f or Openssl_0.9.7g.

Or

Select a mix of all three like [Apache_1.3.33-Mod_SSL_2.8.22-Openssl_0.9.7f-Win32.zip]

(for this install apache service also).

2. Select httpd.conf file from (apache\conf) open it for configuration.

3. Stop the services of apache from Control panel \ administrative tools \ services.

Note:-- may be it is possible all files for configuration will not be there in apache2.exe then extract the

Apache_2.0.54-Mod_SSL_2.8.22-Openssl_0.9.7f-Win32.zip file and copy conf,lib,modules logs

files in corresponding folder of Apache2.exe.

HTTPD.CONF Configuration

1. Replace all occurrences of www.my-server.dom with the real domain name!

(If you have installed apache from .exe file then its doesn’t required but for . Zip archive file you have to replace it)

2. Comment port 80 like # port 80

3. Write Listen 80 and Listen 443 in httpd.conf file.

4. Extract Openssl in any folder and copy files ssleay32.dll and libeay32.dll into WINNT\SYSTEM32 paste them here.

5. Download Openssl.cnf file because you need to configure openssl.exe. a link apear select saveas and save it to bin folder of apache2 directory

6. Copy all the *.exe, *.so, *.dll inside your apache\bin directory from extracted Openssl directory.

7. Write

LoadModule ssl_module modules/ApacheModuleSSL.dll

or

LoadModule ssl_module modules/ApacheModuleSSL.so

or

LoadModule ssl_module modules/mod_ssl.so

after the LoadModule lines that are already in the httpd.config file

8. Write AddModule mod_ssl.c this for apache1 for apache2 it is noy required.

after the AddModule lines that are already in the httpd.config file.

9. Add the following to the end of httpd.conf:

SSLMutex sem

SSLRandomSeed startup builtin

SSLSessionCache none

SSLLog logs/SSL.log

SSLLogLevel info

SSLEngine On

SSLCertificateFile conf/ssl/my-server.cert

SSLCertificateKeyFile conf/ssl/my-server.key

ProxyRequests Off

<Proxy *>

Order deny,allow

Allow from all

</Proxy>

ProxyPass / http://ServerName:50000/ // your server name and port number

ProxyPassReverse / http://ServerName:50000/ // your server name and port number

ProxyPreserveHost On

save the Httpd.conf file

GENERATING CERTIFICATE

a. Open Command Prompt

b. Reach till bin directory by writing like cd apache\bin

c. Write command bin> openssl req -config openssl.cnf -new -out my-server.csr and put required detail.

d. Write openssl rsa -in privkey.pem -out my-server.key.

e. Write openssl x509 -in my-server.csr -out my-server.cert -req -signkey my-server.key -days 365.

f. Write openssl x509 -in my-server.cert -out my-server.der.crt -outform DER.

g. Create an Apache/conf/ssl directory and move my-server.key and my-server.cert into it.

10. Start Apache services from control panel \ Administrative tools \ services.

11. Now you have made Apache as SSL enabled open browser and test it by https://localhost

Former Member
0 Kudos

hi

I am sorry i have missed some more modules should be Loaded for proxy setting

those are-- ( You can uncomment them from httpd.conf )

LoadModule proxy_module modules/mod_proxy.so

LoadModule proxy_connect_module modules/mod_proxy_connect.so

LoadModule proxy_http_module modules/mod_proxy_http.so

LoadModule proxy_ftp_module modules/mod_proxy_ftp.so

LoadModule negotiation_module modules/mod_negotiation.so

Former Member
0 Kudos

Hi Satyendra

Thanks a lot for the configuration steps.

I have tested with non-ssl configuration and it worked. I am able to login into EP /irj through external Apache web-server.

Still I am facing one more issue in this. It would be grateful if you can help me in this matter.

problem: I am able to login into the EP /irj through the exernal Apache 2.0.49 web-server. Using admin user login I can do all the operations through this external web-server. For other users also the login is functional.

But when I click on logoff link it shows the same page again which displays after doing login. In short it does logoff and again login operation.

Even in the sapum.log file it shows follwing 3 lines regarding user login-logout.

Jul 11, 2005 2:37:09 PM | Warning | iuser1k2 | LOGIN.OK | USERACCOUNT = UACC.PRIVATE_DATASOURCE.un:iuser1k2 | | IP Address=[192.168.13.232]

Jul 11, 2005 2:37:35 PM | Warning | iuser1k2 | LOGOFF.OK | USERACCOUNT = UACC.PRIVATE_DATASOURCE.un:iuser1k2 |

Jul 11, 2005 2:37:35 PM | Warning | iuser1k2 | LOGIN.OK | USERACCOUNT = UACC.PRIVATE_DATASOURCE.un:iuser1k2

Third line indicates login request again after doing log-out.

Should I need to do any specific configuration for this?

Can I specify/configure my own logout url in EP?

Also want to make sure that when we click logoff link, does EP sets the SSO cookie as loggedout, does it sets the header-var as null?

-Mandar

Answers (0)