× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Basically what Kevin has here is what I do.  I have a single instance that is a reverse proxy instance for all of the servers I host: PHP, JRuby, CGIDEV2, Tomcat, Liferay...I have multiples that all live on different internal IP's and the reverse proxy instance handles the "routing" to each server instance.

LetsEncrypyt provides the SSL Certs for the instances that need it (pretty much getting to be all web domains require SSL these days...)

Once you get the hang of it and develop a "recipe" for adding server instances, it's pretty easy.  I'll be presenting a Letsencrypt/DCM session at Common this spring here in my own "backyard" - San Antonio...


Pete Helgren
www.petesworkshop.com
GIAC Secure Software Programmer-Java
Twitter - Sys_i_Geek IBM_i_Geek

On 1/25/2018 7:36 AM, Kevin Bucknum wrote:
SNI works fine with zendserver on the i. I've been configuring apache
servers for so long, that I just do it now, and haven't had to look
around for any kind of instructions lately. Any basic walkthrough for
setting up named virtual hosts should work. To answer your other
question about multiple certificates. I'm 90% sure that I had it
working, but that was several years ago, and the memory is fuzzy. I
could try again real quick to see if it works. There are a couple of
directives in the IBM apache implantation that are different from
standard, and one of them controls the certificate used. SSLAppName
points to a name in the DCM which controls which certificate is used. As
I recall the only confusing thing was getting the application set up in
the DCM. If you have issues setting it up, I can create a letsencrypt
cert and try and pop a new named instance on my box. It would probably
be tomorrow before I can do that however. Here is my current apache
config with several named hosts running different code bases.

#s Configuration originally created by Create HTTP Server wizard on Tue
Apr 11 01:53:18 CDT 2006
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM

LoadModule zend_enabler_module /QSYS.LIB/QHTTPSVR.LIB/QZFAST.SRVPGM
LoadModule ibm_ssl_module /QSYS.LIB/QHTTPSVR.LIB/QZSRVSSL.SRVPGM

Listen *:10081
NameVirtualHost *:10081
Listen *:10080
NameVirtualHost *:10080
DocumentRoot /www/zendsvr6/htdocs

DefaultFsCCSID 37
CGIJobCCSID 37

<VirtualHost *:10080>
Include /usr/local/zendsvr6/etc/sites.d/zend-default-vhost-10080.conf
</VirtualHost>
Listen *:443
Options -ExecCGI -FollowSymLinks -SymLinksIfOwnerMatch -Includes
-IncludesNoExec -Indexes -MultiViews
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%{Cookie}n \"%r\" %t" cookie
LogFormat "%{User-agent}i" agent
LogFormat "%{Referer}i -> %U" referer
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log combined
SetEnvIf "User-Agent" "Mozilla/2" nokeepalive
SetEnvIf "User-Agent" "JDK/1\.0" force-response-1.0
SetEnvIf "User-Agent" "Java/1\.0" force-response-1.0
SetEnvIf "User-Agent" "RealPlayer 4\.0" force-response-1.0
SetEnvIf "User-Agent" "MSIE 4\.0b2;" nokeepalive
SetEnvIf "User-Agent" "MSIE 4\.0b2;" force-response-1.0
DefaultFsCCSID 37
CGIJobCCSID 37

DirectoryIndex index.php index.html
CgiConvMode %%MIXED/MIXED%%
TimeOut 30000
KeepAlive Off
HotBackup Off
NameVirtualHost *:443

#AddCharset UTF-8 .utf8
#AddCharset utf-8 .utf8
#AddCharset utf-7 .utf7
AddCharset UTF-8 .htm .html .xml

# zend fastcgi
AddType application/x-httpd-php .php
AddHandler fastcgi-script .php


RewriteEngine on

<Directory />
Order Deny,Allow
Deny From all
</Directory>

# Allow requests for files in document root

<Directory /www/zendsvr6/htdocs>
Options FollowSymLinks
order allow,deny
allow from all
AllowOverride all
</Directory>

<Directory /usr/local/zendsvr6/var/apps>
Options FollowSymLinks
order allow,deny
allow from all
AllowOverride all
</Directory>
<Directory /www/medpmdemo>
Options FollowSymLinks
order allow,deny
allow from all
AllowOverride all
</Directory>

<Directory /www/programming>
Options FollowSymLinks
order allow,deny
allow from all
AllowOverride all
</Directory>

<Directory /www/kevin_dev>
Options FollowSymLinks
order allow,deny
allow from all
AllowOverride all
</Directory>

<Directory /www/waynehdev>
Options FollowSymLinks
order allow,deny
allow from all
AllowOverride all
</Directory>

<Directory /www/jeremyldev>
Options FollowSymLinks
order allow,deny
allow from all
AllowOverride all
</Directory>




<Directory /www/mounika_dev>
Options FollowSymLinks
order allow,deny
allow from all
AllowOverride all
</Directory>
<Directory /www/medpmweb>
Options FollowSymLinks
order allow,deny
allow from all
AllowOverride all
</Directory>
<VirtualHost *:10081>
RedirectMatch ^/$ /ZendServer/
DocumentRoot /usr/local/zendsvr6/gui/public/
<Directory /usr/local/zendsvr6/gui>
Options FollowSymLinks
AllowOverride None
order allow,deny
Allow from all
</Directory>

<Location /ZendServer>
order allow,deny
Allow from all
</Location>

Alias /ZendServer "/usr/local/zendsvr6/gui/public"

<Directory "/usr/local/zendsvr6/gui/public">
AllowOverride All
order allow,deny
Allow from all
</Directory>
</VirtualHost>


<Location /Zend5250Demos>
Order deny,allow
Allow from all
</Location>

<Location /Zend5250Login>
Order deny,allow
Allow from all
</Location>

Alias /Zend5250Demos /usr/local/zendsvr6/5250/demos
Alias /Zend5250Login /usr/local/zendsvr6/5250/Generator/Form
Alias /Zend5250Appl /usr/local/zendsvr6/5250/Welcome


<Directory "/www/zendsvr6/htdocs/Zend5250Emulator">
Options FollowSymLinks
AllowOverride All
</Directory>

IncludeOptional /usr/local/zendsvr6/etc/sites.d/globals-*.conf
IncludeOptional /usr/local/zendsvr6/etc/sites.d/vhost_*.conf

Listen 127.0.0.1:10083
NameVirtualHost 127.0.0.1:10083
<VirtualHost 127.0.0.1:10083>
Alias /UserServer /usr/local/zendsvr6/share/UserServer
DocumentRoot /usr/local/zendsvr6/share/UserServer
<Directory /usr/local/zendsvr6/share/UserServer>
AllowOverride All
Allow from all
</Directory>
</VirtualHost>

#XML Toolkit http settings
ScriptAlias /cgi-bin/ /QSYS.LIB/ZENDSVR6.LIB/
<Directory /QSYS.LIB/ZENDSVR6.LIB/>
AllowOverride None
order allow,deny
allow from all
SetHandler cgi-script
Options +ExecCGI
</Directory>
#End XML Toolkit http settings

#/* keep access logs 30 days, error logs 30 days, FastCGI logs 30 days
#/LogMaint logs/access_log 30 0
#/LogMaint logs/error_log 30 0
#//LogMaint logs/error_zfcgi 30 0

#/ Maintain Logs at 3 am (0 = midnight, 23 = 11 pm, etc)
#/ Set for an hour when the server is active (i.e. not during an IPL or
backup, for example)
<Location /phpmyadmin>
Order deny,allow
Allow from all
</Location>
<VirtualHost *:443>
ServerName dev.medtronsoftware.com
DocumentRoot /www/medpmweb/public
SSLEngine On
SSLAppName QIBM_HTTP_SERVER_ZENDSVR
SSLCacheEnable
SetEnv HTTPS_PORT 443
</VirtualHost>
<VirtualHost *:443>
ServerName kevin.dev.medtronsoftware.com
DocumentRoot /www/kevin_dev/public
SSLEngine On
SSLAppName QIBM_HTTP_SERVER_ZENDSVR
SSLCacheEnable
SetEnv HTTPS_PORT 443
</VirtualHost>
<VirtualHost *:443>
ServerName mounika.dev.medtronsoftware.com
DocumentRoot /www/mounika_dev/public
SSLEngine On
SSLAppName QIBM_HTTP_SERVER_ZENDSVR
SSLCacheEnable
SetEnv HTTPS_PORT 443
</VirtualHost>
<VirtualHost *:443>
ServerName wayneh.dev.medtronsoftware.com
DocumentRoot /www/waynehdev/medpmweb/public
SSLEngine On
SSLAppName QIBM_HTTP_SERVER_ZENDSVR
SSLCacheEnable
SetEnv HTTPS_PORT 443
</VirtualHost>
<VirtualHost *:443>
ServerName jeremyldev.medtronsoftware.com
DocumentRoot /www/jeremyldev/medpmweb/public
SSLEngine On
SSLAppName QIBM_HTTP_SERVER_ZENDSVR
SSLCacheEnable
SetEnv HTTPS_PORT 443
</VirtualHost>
<VirtualHost *:443>
ServerName programming.medtronsoftware.com
DocumentRoot /www/programming/public
SSLEngine On
SSLAppName QIBM_HTTP_SERVER_ZENDSVR
SSLCacheEnable
SetEnv HTTPS_PORT 443
</VirtualHost>
<VirtualHost *:443>
ServerName medpmdemo.medtronsoftware.com
DocumentRoot /www/medpmdemo/public
SSLEngine On
SSLAppName QIBM_HTTP_SERVER_ZENDSVR
SSLCacheEnable
SetEnv HTTPS_PORT 443
</VirtualHost>




Kevin Bucknum
Senior Programmer Analyst
MEDDATA/MEDTRON
Tel: 985-893-2550
-----Original Message-----
From: WEB400 [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of Don
Brown
Sent: Thursday, January 25, 2018 3:20 AM
To: Web400@Midrange. Web400
Subject: [WEB400] Multiple http servers for zendphp7

I am trying to find a cheat sheet or step by step instructions to have
multiple
http servers all running php.

Reason being I have 4 different domain names and to enable ssl on each
I
need 4 http servers on 4 different ip addresses.

I am also exploring SAN ssl certificates but want to explore both
options first.
Does anyone have multiple http servers providing php and are there any
concerns / problems that I should be aware of ?

Thanks for any assistance

IBMi V7R2 and V7R3

Don Brown


--
This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400)
mailing list
To post a message email: WEB400@xxxxxxxxxxxx To subscribe,
unsubscribe,
or change list options,
visit: https://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives at
https://archive.midrange.com/web400.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.