Setting up secure certificates with lighttpd

apache, https, java, lighttpd

Of late, I’ve started to prefer lighttpd to nginx and Apache for several reasons. The configuration of lighttpd is incredibly easy to get running and I’ve found that speed wise, lighttpd doesn’t run any slower than Apache.

I need to setup secure certificates on lighttpd and so I have written up some basic instructions to get this up and running.

Under the “SSL Support” section, you will find some nice exampls for getting this running. This kind of worked for me, but I wanted to forward all requests on the default port 80 to the HTTPS default port 443.

Once you have your pem file and your ca file, you will need to make sure that every request to port 443 will locate the correct private key as well as the CA.

$SERVER[“socket”] == “:443” {
ssl.engine = “enable”
ssl.pemfile = “/etc/lighttpd/certs/meltwater.pem”
ssl.ca-file = “/etc/lighttpd/certs/chain.crt”
}

From there, it will be important that for each individual host, you will redirect all traffic onto port 80 to 443, whilst also specifying where the actual tomcat port is (if necessary).

$HTTP[“host”] =~ “your.domain.com” {

  1. the below ensures that the hostname is extracted using a regexp, so that the user can be re-directed to https (port 443)

$HTTP[“scheme”] == “http” {
$HTTP[“host”] =~ “.*” {
url.redirect = (“.*” => “https://%0$0”)
}
}

  1. this is of course, optional for if you are running a java application on tomcat, but can be adjusted for any other port or application.

proxy.server = (
“” => (
“tomcat” => (
“host” => “127.0.0.1”,
“port” => 8080,
“fix-redirects” => 1
)
)
)

  1. and finally, where your document root is for the app/page

server.document-root = “/var/app”
accesslog.filename = “/var/log/app/application.log”
}

Setup LAMP and phpMyAdmin from scratch on Ubuntu 10+

apache, lamp, linux, mysql, php, phpmyadmin

It’s really easy to get a LAMP webserver up and running, so I thought I’d post some nice easy instructions for installing on a Ubuntu box.

1) sudo apt-get install mysql-server mysql-client
-> you will need to choose a MySQL Root user password

2) sudo apt-get install apache2
-> confirm in your browser that you are able to view a page for your IP address. This could be localhost, or your local IP address.

3) sudo apt-get install php5 libapache2-mod-php5
-> you’re going to need to install PHP next as above.

4) /etc/init.d/apache2 restart
-> …and of course an Apache restart so that PHP is activated

5) sudo apt-get install phpmyadmin
-> you’re going to be asked which webserver to configure. go for apache2. it’ll then probably request your password you selected for MySQL.

6) vim /etc/apache2/apache2.conf
-> use your favorite editor to open up the apache config file

7) Include /etc/phpmyadmin/apache.conf
-> add the following somewhere in the file.

8) /etc/init.d/apache2 restart

9) http://yourhomepage.com/phpmyadmin
-> test 🙂

Apache failure : Warning: DocumentRoot does not exist

apache

If you notice that when you restart or start httpd/apache and you notice a DocumentRoot does not exist error, but the DocumentRoot does in fact exist; the chances are you need to adjust your settings for /etc/sysconfig/selinux. Simply alter the setting to ‘disabled’ for selinux, reboot the machine, and then attempt to start apache.