Steps for adding application domains to the web server configuration files
Before you begin
- This procedure requires web server programming skills and requires editing the vhost.conf configuration file.
- The home page URL for the new or renamed domains would be as follows:
where new-appl-domain-name corresponds to the new section name added in the template file in Steps for creating multiple application sections in the PKI Services template file. However, in the web server files, the new name is case-sensitive but does not need to be in uppercase only.http://<webserver-fully-qualified-domain-name>/<new-appl-domain-name>/public-cgi/camain.rexx
- Make note of the case you select for each character
of the new new-appl-domain-name name. This case-sensitive
value becomes part of the URL for your home page. You must use it
consistently in each set of HTTP Server directives as indicated in
the vhost.conf configuration files:
- vhost80 - Virtual host file for non-SSL requests.
- vhost443 - Virtual host file for SSL requests with server authentication.
- vhost1443 - Virtual host file for SSL requests with client authentication.
- The administration home page URL does not change. (There is one common administration application that handles all application domains.)
- If your PKI installation has changed the name of the Customers domain, you must change all occurrences of Customers to its new value in both files. (The new value is not case-sensitive.)
- If your installation has added a new application domain, use the following procedure.
Procedure
Perform the following
steps to add application domains or rename the Customers application
domain in web server virtual host configuration files for each new
application section added to pkiserv.tmpl:
- Modify each of the following HTTP Server directives
in the virtual host configuration files:vhost80.conf (host file for non-SSL requests):
RewriteRule ^/(PKIServ|Customers|Employees)/ssl-cgi/(.*) https://<server-domain-name>/$1/ssl-cgi-bin/$2 [R,NE] RewriteRule ^/(PKIServ|Customers|Employees)/clientauth-cgi/(.*) https://<server-domain-name>:1443/$1/clientauth-cgi-bin/$2 [R,NE] ScriptAliasMatch /(PKIServ|Customers|Employees)/public-cgi/(.*) <application-root>/PKIServ/public-cgi/$2
vhost443.conf (host file for SSL request with server authentication):RewriteRule ^/(PKIServ|Customers|Employees)/public-cgi/(.*) http://<server-domain-name>/$1/public-cgi/$2 [R,NE,L] RewriteRule ^/(PKIServ|Customers|Employees)/ssl-cgi/(.*) https://<server-domain-name>/$1/ssl-cgi-bin/$2 [R,NE] RewriteRule ^/(PKIServ|Customers|Employees)/clientauth-cgi/(.*) https://<server-domain-name>:1443/$1/ clientauth-cgi-bin/$2 [R,NE,L] ScriptAliasMatch ^/(PKIServ|Customers|Employees)/(public-cgi|ssl-cgi-bin)/(.*) "<application-root>/PKIServ/$2/$3"
<LocationMatch "^/(PKIServ|Customers|Employees)/ssl-cgi-bin(/(auth|surrogateauth))?/cagetcert.rexx"> Charsetoptions TranslateAllMimeTypes </LocationMatch>
vhost1443.conf (host file for SSL requests with client authentication):RewriteRule ^/(PKIServ|Customers|Employees)/public-cgi/(.*) http://<server-domain-name>/$1/public-cgi/$2 [R,NE,L] RewriteRule ^/(PKIServ|Customers|Employees)/ssl-cgi/(.*) https://<server-domain-name>/$1/ssl-cgi-bin/$2 [R,NE,L] ScriptAliasMatch ^/(PKIServ|Customers|Employees)/(clientauth-cgi|clientauth-cgi-bin)/(.*) "<application-root>/ PKIServ/clientauth-cgi-bin/$3" <LocationMatch "^/(PKIServ|Customers|Employees)/clientauth-cgi-bin/auth/pkicmp"> CharsetOptions NoTranslateRequestBodies </LocationMatch>
In contrast to the application section name, the domain name value is case-sensitive and does not need to be uppercase. However, you must use it consistently in each of the HTTP Server directives in the virtual host configuration files. This value becomes part of the URL for your home page.
When you are done, you have defined a new PKI Services application domain at:
Example
http://<webserver-fully-qualified-domain-name>/employees/public-cgi/camain.rexx