Adito notes

From Amahi Wiki

Alternate Install Option

After running the configuration, do the following:

  • Modify conf/webserver.properties: change port 7443 to 443.
  • Add the following line to *-myadito.conf after ServerAlias and save:
       redirect permanent / https://myadito:443


To create the certificate used by both Apache and Adito, run the following:

  • openssl genrsa -out server.key 1024
  • openssl req -new -key server.key -x509 -days 1000 -out server.crt
  • openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12 -name "adito"
    • A password is required for the PKCS12 file; it must be at least 6 characters long
  • When running the Adito configuration, import this certificate instead of creating a new one.
    • Set the type to PKCS12
    • The password is the one chosen above
    • The name or alias is adito

This will ensure Apache and Adito use the same cert. Not sure if type matters, X.509 or PKCS12.
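
An added example, not part of the original wiki notes: a check that the key, the certificate and the PKCS12 file really describe the same key pair under the alias adito before the bundle is imported. The function names, the sample password, the CN and the 2048-bit minimum are assumptions made for this example; the sample key is generated with 2048 bits rather than the 1024 used in the command above.

```shell
P12_PASS="sample-pass"   # constructed password, at least 6 characters

# Build throwaway sample files in directory $1, following the steps above.
make_sample() {
    ( cd "$1" && umask 077 &&
      openssl genrsa -out server.key 2048 2>/dev/null &&
      openssl req -new -key server.key -x509 -days 1000 \
          -subj "/CN=myadito" -out server.crt &&
      openssl pkcs12 -export -in server.crt -inkey server.key \
          -out server.p12 -name "adito" -passout "pass:$P12_PASS" )
}

# SHA-256 over the DER public key derived from a private key file.
key_pub_hash() {
    openssl pkey -in "$1" -pubout -outform DER | openssl dgst -sha256
}

# SHA-256 over the DER public key embedded in a certificate.
cert_pub_hash() {
    openssl x509 -in "$1" -noout -pubkey |
        openssl pkey -pubin -outform DER | openssl dgst -sha256
}

# Fingerprint of the certificate stored inside a PKCS12 file ($2 = password).
p12_fingerprint() {
    openssl pkcs12 -in "$1" -passin "pass:$2" -nokeys 2>/dev/null |
        openssl x509 -noout -fingerprint -sha256 2>/dev/null
}

# Alias (friendlyName) of the certificate stored inside a PKCS12 file.
p12_alias() {
    openssl pkcs12 -in "$1" -passin "pass:$2" -nokeys 2>/dev/null |
        sed -n 's/^ *friendlyName: //p' | head -n 1
}

# RSA key size in bits, read from the certificate.
cert_key_bits() {
    openssl x509 -in "$1" -noout -text |
        sed -n 's/.*Public-Key: (\([0-9]*\) bit.*/\1/p'
}

# Succeeds only if key, certificate and PKCS12 agree. Args: key crt p12 pass
check_bundle() {
    [ "$(key_pub_hash "$1")" = "$(cert_pub_hash "$2")" ] || return 1
    [ "$(openssl x509 -in "$2" -noout -fingerprint -sha256)" = \
      "$(p12_fingerprint "$3" "$4")" ] || return 1
    [ "$(p12_alias "$3" "$4")" = "adito" ] || return 1
    [ "$(cert_key_bits "$2")" -ge 2048 ]
}
```

Run check_bundle against the real server.key, server.crt and server.p12 with the PKCS12 password; a non-zero return means Apache and Adito would not be serving the same certificate, or the key is shorter than 2048 bits.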



root

  • yum -y install ant mod_ssl java-1.6.0-openjdk-devel
  • export JAVA_HOME=/usr/lib/jvm/jre-1.6.0-openjdk
  • create a webapp (myadito)
  • cd /var/hda/web-apps/myadito
  • chmod -R 777 .

user

  • then try to make a proxy to it:

root

  • in the /etc/httpd/conf.d/*-myadito.conf file, add:
       ProxyPass / http://localhost:7443/
       ProxyPassReverse / http://localhost:7443/
  • then service httpd restart
  • that should work as http ONLY

for https traffic from the net to apache:

  • yum install -y mod_ssl
  • change port of the virtualhost to 443

options to play with:


       SSLProxyEngine On
       ProxyRemote https://myadito:443/ https://localhost:7443/
       ProxyRequests Off
       ProxyPreserveHost Off
       ProxyPass / https://localhost:7443/
       ProxyPassReverse / https://localhost:7443/

not all of them at the same time!!



old:

  • create a webapp (my-adito)
  • cd to it (cd /var/hda/web-apps/my-adito/)
  • chmod -R 777 .
  • wget http://superb-east.dl.sourceforge.net/sourceforge/adito/adito-0.9.1-bin.tar.gz
  • tar -xzf adito-0.9.1-bin.tar.gz
  • mv adito-0.9.1/ server/
  • cd into server
  • cp conf/wrapper.conf.base conf/wrapper.conf
  • copy a valid, pre-configured database set of files to the db/ dir
  • chmod 777 install/platforms/linux/x86-64/wrapper
  • ./install/platforms/linux/x86-64/wrapper /var/hda/web-apps/myadito/server/conf/wrapper.conf wrapper.pidfile=my.pid wrapper.daemonize=FALSE

some guide for f10:

http://www.extrahip.net/node/17


Summary of Manual Install

  • Concept: Adito requires Apache Ant and root access to install. The intent is to find a way to patch the source and do everything at the user level. To make this a one-click install, the patch would include predefined admin and links pertinent to the Amahi HDA.
  • I did an actual install on a VirtualBox F10 32-bit VM with Amahi. As root, I did an install, activated the service, and logged in once to ensure everything worked (see http://wiki.amahi.org/index.php/adito). Once finished, I stopped the service and compared the install version with the original source version. Files that were different are listed below:
server/conf: default.keystore.jks
server/conf/prefs/system/extensions: prefs.properties
server/conf/prefs/system/extensions/versions: prefs.properties
server/conf/prefs/system: prefs.properties
server/conf/repository/keystore: default.keystore.jks
server/conf/repository/PKI: aditoadmin.prv
server/conf/repository/PKI: aditoadmin.pub
server/conf: webserver.properties
server/conf: wrapper.conf
server/db: explorer_configuration.backup
server/db: explorer_configuration.data
server/db: explorer_configuration.log
server/db: explorer_configuration.properties
server/db: explorer_configuration.script
server/db: upgrade.log
server/db: versions.log
server/lib: tools.jar
server/logs: 2009_06_15.request.log
server/logs: adito.log
server/logs: wrapper.log
server/tmp: availableCipherSuites.txt
server/tmp: extensions (this is a directory of files)
server/tmp: org (this is a directory of files)
  • I then made a patch with the different files and started a clean VM. I followed the steps below to do the install without Apache Ant, but still using root access:
yum -y install java-1.6.0-openjdk-devel
cd /var/hda/web-apps/
mkdir myadito
cd myadito
wget http://superb-west.dl.sourceforge.net/sourceforge/adito/adito-0.9.1-bin.tar.gz 
tar -xf adito-0.9.1-bin.tar.gz
rm -f adito-0.9.1-bin.tar.gz
mv adito-0.9.1/ server/
cd server
wget adito-0.9.1-patch.zip   # an archive of the files changed between source and install
unzip adito-0.9.1-patch.zip
rm -f adito-0.9.1-patch.zip
chmod a+x /var/hda/web-apps/myadito/server/install/platforms/linux/adito
chmod a+x /var/hda/web-apps/myadito/server/install/platforms/linux/x86/wrapper
chmod a+x /var/hda/web-apps/myadito/server/install/platforms/linux/x86-64/wrapper
export WRAPPER_CONF="/var/hda/web-apps/myadito/server/conf/wrapper.conf"
/var/hda/web-apps/myadito/server/install/platforms/linux/adito start

Once it started, I used FF and went to https://localhost. The service only runs for about 10 sec, then shuts down, so you have to be quick. Once I got the 'secure connection failed', I chose 'add exception.' I then did 'get certificate' and the 'confirm exception' button was greyed out. There was no certificate info available and I could not proceed. By this time, the service had also shut down.

I do not know why it shuts down, but it could be related to the certificate problem. There is guidance on the Adito wiki (http://adito.wiki.sourceforge.net/ssl_certificate_management) which provides some direction on manually creating a certificate.