Search This Blog

Wednesday, August 22, 2012



A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information. SSL has become part of an overall security protocol known as Transport Layer Security (TLS).

Look for the "s" after "http" in the address whenever you are about to enter sensitive information, such as a credit-card number, into a form on a Web site.

In your browser, you can tell when you are using a secure protocol, such as TLS, in a couple of different ways. You will notice that the "http" in the address line is replaced with "https," and you should see a small padlock in the status bar at the bottom of the browser window. When you're accessing sensitive information, such as an online bank account or a payment transfer service like PayPal or Google Checkout, chances are you'll see this type of format change and know your information will most likely pass along securely.
TLS and its predecessor SSL make significant use of certificate authorities. Once your browser requests a secure page and adds the "s" onto "http," the browser sends out the public key and the certificate, checking three things: 1) that the certificate comes from a trusted party; 2) that the certificate is currently valid; and 3) that the certificate has a relationship with the site from which it's coming.

The padlock symbol lets you know that you are using encryption.
The browser then uses the public key to encrypt a randomly selected symmetric key. Public-key encryption takes a lot of computing, so most systems use a combination of public-key and symmetric key encryption. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer discards the symmetric key used for that session. Any additional sessions require that a new symmetric key be created, and the process is repeated.

Monday, August 20, 2012

Red Hat web server configuration for Mod_jk

Red Hat web server  configuration for Mod_jk 

In order to start the  EWS for Mod_jk 
Step 1:   First extract the Zip file go to  the folder C:\RHATews-1.0.2-windows32-i386\Red            Hat\Enterprise Web Server\etc\httpd\conf

Step 2 :  Rename the File to httpd.conf

Step 3  : Change the Default Listen  Listen to Listen *:80

Step 4 : Change  the following to their Corresponding LIB Folder
               Ex : LoadModule auth_basic_module ../../lib/httpd/modules/

Step 4 : Include the following for the MOD_JK Configuration,

              # Include mod_jk's specific configuration file 
              Include conf/mod_jk.conf
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

Step 5 :  Now Rename the file  mod_jk.conf.sample to mod_jk

Step 6 :  Replace the following LoadModule jk_module modules/    to     
             LoadModule jk_module ../../lib/httpd/modules/

Step 7 :  Provide your application name
# Mount your applications
JkMount /application/* loadbalancer  

Step 8 : Comment the Deny location

Step 9 : Rename the   to  uriworkermap

Step 10 : Remove all  and just add the below,

# Simple worker configuration file
# Mount the Servlet context to the ajp13 worker
Step 11 :Rename the  to  workers
Define the JBOSS EAP SERVER BOX  IP and its Port No in the following
Provide the Node Details
# Define Node1
# modify the host as your host IP or DNS name.

# Define Node2
# modify the host as your host IP or DNS name.

Step 12 :Enable the Sticky session by adding the following bold line
# Load-balancing behavior

Step 13 : Move to the Folder C:\RHATews-1.0.2-windows32-i386\Red Hat\Enterprise Web    Server\etc\httpd\conf.d

Step 14 :Rename the Following File   to manual

Step 15 :Rename the following file to  proxy_ajp

Change the following ,
LoadModule proxy_ajp_module ../../lib/httpd/modules//

Step 16 :Rename the file  to  ssl               
Change the following,
LoadModule ssl_module ../../lib/httpd/modules//
Listen localhost:443 to Listen 443

Step 17 :Uncomment the following line and add the Server Name and Server Admin
DocumentRoot "/Program Files/Red Hat/Enterprise Web Server/var/www/html"
ServerName localhost:443

Step 18 : Add the following ,
JkMountCopy On
JkMount /ghie/* loadbalancer

Step 19 :Rename the file  to   welcome.

Step 20 :Add a Folder  logs,run in  the following path  C:\RHATews-1.0.2-windows32-i386\Red Hat\Enterprise Web Server\etc\httpd

Step 21 :Rename the File   to  mime.types in the path  C:\RHATews-1.0.2-windows32-i386\Red Hat\Enterprise Web Server\etc

Step 22:Rename the File   to  charset.conv in the path  C:\RHATews-1.0.2-windows32-i386\Red Hat\Enterprise Web Server\etc

Step 23 :In the following path add your Index HTML Page so that it will be displayed for you while running the EWS,
C:\RHATews-1.0.2-windows32-i386\Red Hat\Enterprise Web Server\var\www\html

Step 24 :To Start the Server  go to the folder C:\RHATews-1.0.2-windows32-i386\Red Hat\Enterprise Web Server\bin
Run using the httpd.exe

Configuration of  Jboss EAP Server 6.0

To  do clustering we need two different box  with Jboss EAP Server 6.0

NOTE :Make the following changes in BOX 1 which is Node 1 in MOD_JK

Step 25 :Copy the folder Standalone and save it in the same path and rename it as  standalone-node1

Step 26 :Add the Following in Standalone.xml file
Note :In the certificate –file provide your keystore file that you have created for ssl


Step27 :In the  standalone-ha.xml add the following,
Provide the Name for  the  server

Step 28 :Change the default-stack from udp to tcp

Step 29 :Include the following  under  
 node1 ip([7600]),node2 ip([7600])

Step 30 :Add the following  instance-id  ,connector ajp and https line under the subsystem urn:jboss:domain:web:1.1

 <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" instance-id="${}" native="false">

Step 31 :Deploy your project under deployement folder.

Step 32 :To Start the Jboss EAP Server 6.0 in cluster mode use the following command,
C:\EAP-6.0.0.GA\jboss-eap-6.0\bin>standalone.bat -c standalone-ha.xml –b Hostname( -Djboss.server.base.dir=../standalone-node1
standalone.bat -c standalone-ha.xml –b -Djboss.server.base.dir=../standalone-node1
standalone.bat -c standalone-ha.xml –b -Djboss.server.base.dir=../standalone-node2

Do the same for the Jboss EAP Server 2 and replace Standalone-node1 to standalone-node2.

Hit Counter

View My Stats