Configuring Apache to work with Caché DBMS on Linux
Generally speaking, the InterSystems Caché comes with an Apache embedded web server. The built-in server is designed for the development and administration of the Caché instance and is built with some restrictions . There are recipes for eliminating these limitations, but a more general approach is to use a full-fledged web server for production. The article describes how to configure Apache to work with Caché and the organization https access. All actions were performed on Ubuntu, but the configuration on other Linux distributions is not fundamentally different.
We assume that Caché is already installed in the / InterSystems / Cache directory (how to install Caché on Linux, read here ).
Caché comes with the Apache module, go to the / InterSystems / Cache / csp / bin folder and find one of the module files there:
Now you need to install Apache. We are looking for a suitable repository on the site , for example for CSPa24.so any version 2.4.x is needed, and the repository http://ru.archive.ubuntu.com/ubuntu/ saucy main contains Apache version 2.4.6. Add it to the list of repositories:
Update the list of packages:
Install Apache, for this we add the necessary packages:
After installation, make sure that the installed version of Apache meets expectations:
You also need to make sure that in the list of Apache modules there is mod_so, the list of modules is displayed using:
So Apache is up and running. To check, type the ip of the server in the browser address bar - a page should appear that looks something like this:
For this we need to change the configuration of Apache. Editing files:
Restart Apache:
Now at http: // <ip> /csp/sys/UtilHome.csp the system management portal should open:
')
Next, add the ability to connect using ssl. To do this, we will generate the server certificate, sign it ourselves (not recommended) or from the CA. Very detailed guide here or here.
As a result, we have 3 files: a private server key, a server certificate and a CA certificate.
Add the ssl module to Apache:
Create a file with the site configuration: etc / apache2 / sites-enabled / 001-ssl.conf and add to it:
The Server Name must match the commonName parameter in the server certificate, you must also specify the correct paths for the server key file, server certificate and CA certificate — SSLCertificateKeyFile, SSLCertificateFile, SSLCACertificateFile, respectively.
Restart Apache:
Now at https: // <ip> /csp/sys/UtilHome.csp the system management portal should open:
Apache configuration files
Caché Documentation
Caché and Apache
Caché and Apache for Windows
Caché and SSL
Choosing Apache
We assume that Caché is already installed in the / InterSystems / Cache directory (how to install Caché on Linux, read here ).
Caché comes with the Apache module, go to the / InterSystems / Cache / csp / bin folder and find one of the module files there:
- CSPa22.so (Apache Version 2.2.x)
- CSPa24.so (Apache Version 2.4.x)
- CSPa20.so (Apache Version 2.0.x)
- CSPa.so (Apache Version 1.3.x)
Now you need to install Apache. We are looking for a suitable repository on the site , for example for CSPa24.so any version 2.4.x is needed, and the repository http://ru.archive.ubuntu.com/ubuntu/ saucy main contains Apache version 2.4.6. Add it to the list of repositories:
nano /etc/apt/sources.list deb http://ru.archive.ubuntu.com/ubuntu/ saucy main Update the list of packages:
apt-get update Install apache
Install Apache, for this we add the necessary packages:
apt-get install apache2 zlib1g-dev After installation, make sure that the installed version of Apache meets expectations:
apache2 -v You also need to make sure that in the list of Apache modules there is mod_so, the list of modules is displayed using:
apache2 -l So Apache is up and running. To check, type the ip of the server in the browser address bar - a page should appear that looks something like this:
Connect Caché and Apache
For this we need to change the configuration of Apache. Editing files:
- / etc / apache2 / envvars - contains environment variables. Set the values of the variables APACHE_RUN_USER and APACHE_RUN_GROUP to cacheusr
- /etc/apache2/apache2.conf is the main configuration file. Add lines in the module configuration section
CSPModulePath /InterSystems/Cache/csp/bin/ LoadModule csp_module_sa /InterSystems/Cache/csp/bin/CSPa24.so AddHandler csp-handler-sa csp cls cxw zen - /etc/apache2/sites-enabled/000-default.conf - site configuration.
<VirtualHost *:80> ServerName cachesys DocumentRoot "/InterSystems/Cache/csp" ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined LogLevel debug <Location /> CSP On SetHandler csp-handler-sa </Location> <Location "/csp/bin/Systems/"> SetHandler csp-handler-sa </Location> <Location "/csp/bin/RunTime/"> SetHandler csp-handler-sa </Location> DirectoryIndex index.csp index.php index.html index.htm </VirtualHost>
Restart Apache:
service apache2 restart Now at http: // <ip> /csp/sys/UtilHome.csp the system management portal should open:
')
SSL
Next, add the ability to connect using ssl. To do this, we will generate the server certificate, sign it ourselves (not recommended) or from the CA. Very detailed guide here or here.
As a result, we have 3 files: a private server key, a server certificate and a CA certificate.
Add the ssl module to Apache:
a2enmod ssl Create a file with the site configuration: etc / apache2 / sites-enabled / 001-ssl.conf and add to it:
<IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName <Server Certificate commonName> DocumentRoot /InterSystems/Cache/csp ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined <Location /> CSP On SetHandler csp-handler-sa </Location> <Location "/csp/bin/Systems/"> SetHandler csp-handler-sa </Location> <Location "/csp/bin/RunTime/"> SetHandler csp-handler-sa </Location> DirectoryIndex index.csp index.php index.html index.htm SSLEngine on SSLCertificateKeyFile /InterSystems/Cache/mgr/SSLcert/server_key.pem SSLCertificateFile /InterSystems/Cache/mgr/SSLcert/server_crt.crt SSLCACertificateFile /InterSystems/Cache/mgr/SSLcert/cacert.crt SSLVerifyDepth 10 SSLCipherSuite TLSv1:SSLv3:!ADH:!LOW:!EXP:@STRENGTH SSLOptions +StdEnvVars DirectoryIndex index.csp index.php index.html index.htm </VirtualHost> </IfModule> The Server Name must match the commonName parameter in the server certificate, you must also specify the correct paths for the server key file, server certificate and CA certificate — SSLCertificateKeyFile, SSLCertificateFile, SSLCACertificateFile, respectively.
Restart Apache:
service apache2 restart Now at https: // <ip> /csp/sys/UtilHome.csp the system management portal should open:
useful links
Apache configuration files
Caché Documentation
Caché and Apache
Caché and Apache for Windows
Caché and SSL
Source: https://habr.com/ru/post/220425/
All Articles