如何连接IBM HTTP服务器作为一个反向代理与Artifactory?
2023-01-22 11:07
什么是IHS ?
IBM HTTP Server (IHS)是基于HTTP的web服务器Apache HTTP服务器除了IBM增强之外,还提供了一组Apache特性。
产品说明:
打开Artifactory UI并导航到Admin选项卡-> Configuration -> HTTP设置页面,将“反向代理设置”设置为“Apache”,然后单击保存。
由于IHS类似于Apache HTTP Server,我们可以使用Artifactory生成的反向代理配置,并根据IHS在配置文件中配置模块/参数。
步骤1:安装IBM HTTP服务器,默认配置将在/ opt / IBM / HTTPServer / conf / httpd . conf
步骤2:放置侦听端口80 (http)的样例模板配置,并在配置文件中加载必要的模块
模块:LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
配置:###########################################################
这个配置是由JFrog Artifactory生成的
###########################################################
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
听80
< VirtualHost *: 80 >
ProxyPreserveHost上
ServerName< servername >
ServerAlias *。< servername >
服务器server@admin
特定于应用程序的日志
ErrorLog /var/log/apache/< servername >-error.log
CustomLog /var/log/apache/< servername >-access.log相结合
AllowEncodedSlashes上
RewriteEngine上
rewritecsecond %{SERVER_PORT} (.*)
rewriterrule (.*) - [E=my_server_port:%1]
注意:'REQUEST_SCHEME'头只支持apache 2.4及以上版本
rewritecsecond %{REQUEST_SCHEME} (.*)
rewriterrule (.*) - [E=my_scheme:%1]
rewritecsecond %{HTTP_HOST} (.*)
rewriterrule (.*) - [E=my_custom_host:%1]
RewriteRule”^ / (v2 )/(.*)$" "/ artifactory / 1 / 2美元”[P]
rewriterrule ^/$ /artifactory/webapp/ [R,L]
RewriteRule ^ / artifactory (/) ?$ /artifactory/webapp/ [R,L]
^/artifactory/webapp$ /artifactory/webapp/ [R,L]
请求头设置主机%{my_custom_host}e
请求头设置X-Forwarded-Port %{my_server_port}
注意:{my_scheme}需要一个仅在apache 2.4及以上版本支持的模块
请求头设置x - forward - proto %{my_scheme}e
请求头设置x - artifactory - overrides - base - url %{my_scheme}://< servername >: % {my_server_port} e / artifactory
ProxyPassReverseCookiePath /artifactory /artifactory
ProxyRequests掉
ProxyPreserveHost上
ProxyPass /artifactory/ http://<服务器ip >/ artifactory
ProxyPassReverse /artifactory/ http://<服务器ip >/ artifactory
< /虚拟主机>
如何重写HTTP(80)请求到HTTPS(443)?
rewrite模块可以自动将所有HTTP请求重写为HTTPS。
为了进行安全通信,SSLEnable将为VirtualHost启用SSL,而SSLDisable将禁用VirtualHost外部的SSL
步骤1:在配置文件中加载SSL模块
模块:LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
步骤2:提供在启用SSL的虚拟主机下使用ikeyman生成的KeyFile位置密钥文件/ opt / IBM / HTTPServer / conf / ihsserverkey.kdb
KeyFile指向密钥数据库文件,其中包含浏览器在SSL握手期间所需的个人服务器证书
步骤3:将示例模板放入侦听443的配置文件中
配置:LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
听443
< VirtualHost *: 443 >
ProxyPreserveHost上
ServerName< servername >
ServerAlias *。< servername >
服务器server@admin
SSLEnable
SSLProxyEngine上
密钥文件/ opt / IBM / HTTPServer / conf / ihsserverkey.kdb
特定于应用程序的日志
ErrorLog /var/log/apache/< servername >-error.log
CustomLog /var/log/apache/< servername >-access.log相结合
AllowEncodedSlashes上
RewriteEngine上
rewritecsecond %{SERVER_PORT} (.*)
rewriterrule (.*) - [E=my_server_port:%1]
注意:'REQUEST_SCHEME'头只支持apache 2.4及以上版本
rewritecsecond %{REQUEST_SCHEME} (.*)
rewriterrule (.*) - [E=my_scheme:%1]
rewritecsecond %{HTTP_HOST} (.*)
rewriterrule (.*) - [E=my_custom_host:%1]
RewriteRule”^ / (v2 )/(.*)$" "/ artifactory / 1 / 2美元”[P]
rewriterrule ^/$ /artifactory/webapp/ [R,L]
RewriteRule ^ / artifactory (/) ?$ /artifactory/webapp/ [R,L]
^/artifactory/webapp$ /artifactory/webapp/ [R,L]
请求头设置主机%{my_custom_host}e
请求头设置X-Forwarded-Port %{my_server_port}
注意:{my_scheme}需要一个仅在apache 2.4及以上版本支持的模块
请求头设置x - forward - proto %{my_scheme}e
请求头设置x - artifactory - overrides - base - url %{my_scheme}://< servername >: % {my_server_port} e / artifactory
ProxyPassReverseCookiePath /artifactory /artifactory
ProxyRequests掉
ProxyPreserveHost上
ProxyPass /artifactory/ http://<服务器ip >/ artifactory
ProxyPassReverse /artifactory/ http://<服务器ip >/ artifactory
< /虚拟主机>
SSLDisable
