Adito notes
Alternate Install Option
After running the configuration, do the following:
- Modify conf/webserver.properties. Change port 7443 to 443
- Add the following lines to *-myadito.conf after ServerAlias and save:
redirect permanent / https://myadito:443
- Restart httpd
- Run ant start
- https://myadito or myadito will allow access
To create certificate used by Apache and Adito, accomplish the following:
- openssl genrsa -out server.key 1024
- openssl req -new -key server.key -x509 -days 1000 -out server.crt
- openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12 -name "adito"
- Password required for PKCS12, must be at least 6 in length
- When doing adito config, import instead of creating a new cert.
- Set type to PKCS12
- Password will be one chosen above for cert
- Name or alias is adito
This will ensure apache and adito use the same cert. Not sure if type matters, X.509 or PKCS12.
root
- yum -y install ant mod_ssl java-1.6.0-openjdk-devel
- export JAVA_HOME=/usr/lib/jvm/jre-1.6.0-openjdk
- create a webapp (myadito)
- cd /var/hda/web-apps/myadito
- chmod -R 777 .
user
- wget http://superb-east.dl.sourceforge.net/sourceforge/adito/adito-0.9.1-bin.tar.gz
- tar -xf adito-0.9.1-bin.tar.gz
- mv adito-0.9.1/ server/
- cd server/
- ant install
- run the configuration at http://hda:28080/
- do not configure https or 443 - try 7443 and http only
- once done: ant start
- the server should start - at http://hda:7443
- then try to make a proxy to it:
root
- in the /etc/httpd/conf.d/*-myadito.conf file, add:
ProxyPass / http://localhost:7443/ ProxyPassReverse / http://localhost:7443/
- then service httpd restart
- that should work as http ONLY
for https traffic from the net to apache:
- yum install -y mod_ssl
- change port of the virtualhost to 443
options to play with:
SSLProxyEngine On ProxyRemote https://myadito:443/ https://localhost:7443/
ProxyRequests Off ProxyPreserveHost Off
ProxyPass / https://localhost:7443/ ProxyPassReverse / https://localhost:7443/
not all of them at the same time!!
old:
- create a webapp (my-adito)
- cd to it (cd /var/hda/web-apps/my-adito/
- chmod -R 777 .
- wget http://superb-east.dl.sourceforge.net/sourceforge/adito/adito-0.9.1-bin.tar.gz
- tar -xjf adito-0.9.1-bin.tar.gz
- mv adito-0.9.1/ server/
- cd into server
- cp conf/wrapper.conf.base conf/wrapper.conf
- copy a valid, pre-configured database set of files to the db/ dir
- chmod 777 install/platforms/linux/x86-64/wrapper
- ./install/platforms/linux/x86-64/wrapper /var/hda/web-apps/myadito/server/conf/wrapper.conf wrapper.pidfile=my.pid wrapper.daemonize=FALSE
some guide for f10:
http://www.extrahip.net/node/17
Summary of Manual Install
- Concept: Adito requires Apache Ant to install and root access. The intent is to find a way to patch the source and do everything at the user level. In order to make this a one-click install, the patch would include predefined admin and links pertinent to the Amahi HDA.
- I did an actual install on a VirtualBox F10 32-bit VM with Amahi. As root, I did an install, activated the service, and logged in once to ensure everything worked (see http://wiki.amahi.org/index.php/adito). Once finished, stopped the service and compared the install version with the original source version. Files that were different are listed below:
server/conf: default.keystore.jks server/conf/prefs/system/extensions: prefs.properties server/conf/prefs/system/extensions/versions: prefs.properties server/conf/prefs/system: prefs.properties server/conf/repository/keystore: default.keystore.jks server/conf/repository/PKI: aditoadmin.prv server/conf/repository/PKI: aditoadmin.pub server/conf: webserver.properties server/conf: wrapper.conf server/db: explorer_configuration.backup server/db: explorer_configuration.data server/db: explorer_configuration.log server/db: explorer_configuration.properties server/db: explorer_configuration.script server/db: upgrade.log server/db: versions.log server/lib: tools.jar server/logs: 2009_06_15.request.log server/logs: adito.log server/logs: wrapper.log server/tmp: availableCipherSuites.txt server/tmp: extensions (this is a directory of files) server/tmp: org (this is a directory of files)
- I then made a patch with the different files and started a clean VM. I followed the steps below to do the install without Apache Ant, but still using root access:
yum -y install java-1.6.0-openjdk-devel cd /var/hda/web-apps/ mkdir myadito cd myadito wget http://superb-west.dl.sourceforge.net/sourceforge/adito/adito-0.9.1-bin.tar.gz tar -xf adito-0.9.1-bin.tar.gz rm -f adito-0.9.1-bin.tar.gz mv adito-0.9.1/ server/ cd server wget adito-0.9.1-patch.zip (this is an archive of changed files between source and install) wget adito-0.9.1-patch.zip unzip adito-0.9.1-patch.zip rm -f adito-0.9.1-patch.zip chmod a+x /var/hda/web-apps/myadito/server/install/platforms/linux/adito chmod a+x /var/hda/web-apps/myadito/server/install/platforms/linux/x86/wrapper chmod a+x /var/hda/web-apps/myadito/server/install/platforms/linux/x86-64/wrapper export WRAPPER_CONF="/var/hda/web-apps/myadito/server/conf/wrapper.conf" /var/hda/web-apps/myadito/server/install/platforms/linux/adito start
Once it started, I used FF and went to https://localhost. The service only runs for about 10 sec, then shuts down, so have to be quick. Once I got the 'secure connection failed', I chose 'add exception.' I then did 'get certificate' and the 'confirm exception' button was greyed out. There was no certificate info available and I could not proceed. By this time, the service had also shut down.
I do not know why it shuts down, but it could be related to the certificate problem. There is guidance on the Adito wiki (http://adito.wiki.sourceforge.net/ssl_certificate_management) which provides some direction on manually creating a certificate.