Steps for adding application domains to the web server configuration files

Before you begin

This procedure requires web server programming skills and requires editing the vhost.conf configuration file.
The home page URL for the new or renamed domains would be as follows:
```
http://<webserver-fully-qualified-domain-name>/<new-appl-domain-name>/public-cgi/camain.rexx
```
where new-appl-domain-name corresponds to the new section name added in the template file in Steps for creating multiple application sections in the PKI Services template file. However, in the web server files, the new name is case-sensitive but does not need to be in uppercase only.
Make note of the case you select for each character of the new new-appl-domain-name name. This case-sensitive value becomes part of the URL for your home page. You must use it consistently in each set of HTTP Server directives as indicated in the vhost.conf configuration files:
- vhost80 - Virtual host file for non-SSL requests.
- vhost443 - Virtual host file for SSL requests with server authentication.
- vhost1443 - Virtual host file for SSL requests with client authentication.
The administration home page URL does not change. (There is one common administration application that handles all application domains.)
If your PKI installation has changed the name of the Customers domain, you must change all occurrences of Customers to its new value in both files. (The new value is not case-sensitive.)
If your installation has added a new application domain, use the following procedure.

Procedure

Perform the following steps to add application domains or rename the Customers application domain in web server virtual host configuration files for each new application section added to pkiserv.tmpl:

Modify each of the following HTTP Server directives in the virtual host configuration files:

vhost80.conf (host file for non-SSL requests):

RewriteRule ^/(PKIServ|Customers|Employees)/ssl-cgi/(.*) https://<server-domain-name>/$1/ssl-cgi-bin/$2 [R,NE]
RewriteRule ^/(PKIServ|Customers|Employees)/clientauth-cgi/(.*) https://<server-domain-name>:1443/$1/clientauth-cgi-bin/$2 [R,NE]
ScriptAliasMatch /(PKIServ|Customers|Employees)/public-cgi/(.*) <application-root>/PKIServ/public-cgi/$2

vhost443.conf (host file for SSL request with server authentication):

RewriteRule ^/(PKIServ|Customers|Employees)/public-cgi/(.*) http://<server-domain-name>/$1/public-cgi/$2 [R,NE,L]
RewriteRule ^/(PKIServ|Customers|Employees)/ssl-cgi/(.*) https://<server-domain-name>/$1/ssl-cgi-bin/$2 [R,NE]
RewriteRule ^/(PKIServ|Customers|Employees)/clientauth-cgi/(.*) https://<server-domain-name>:1443/$1/ clientauth-cgi-bin/$2 [R,NE,L]
ScriptAliasMatch ^/(PKIServ|Customers|Employees)/(public-cgi|ssl-cgi-bin)/(.*) "<application-root>/PKIServ/$2/$3"

<LocationMatch "^/(PKIServ|Customers|Employees)/ssl-cgi-bin(/(auth|surrogateauth))?/cagetcert.rexx">
Charsetoptions TranslateAllMimeTypes
</LocationMatch>

vhost1443.conf (host file for SSL requests with client authentication):

RewriteRule ^/(PKIServ|Customers|Employees)/public-cgi/(.*) http://<server-domain-name>/$1/public-cgi/$2 [R,NE,L]
RewriteRule ^/(PKIServ|Customers|Employees)/ssl-cgi/(.*) https://<server-domain-name>/$1/ssl-cgi-bin/$2 [R,NE,L]
ScriptAliasMatch ^/(PKIServ|Customers|Employees)/(clientauth-cgi|clientauth-cgi-bin)/(.*) "<application-root>/
 PKIServ/clientauth-cgi-bin/$3"

<LocationMatch "^/(PKIServ|Customers|Employees)/clientauth-cgi-bin/auth/pkicmp">
CharsetOptions NoTranslateRequestBodies
</LocationMatch>

Start of change In contrast to the application section name, the domain name value is case-sensitive and does not need to be uppercase. However, you must use it consistently in each of the HTTP Server directives in the virtual host configuration files. This value becomes part of the URL for your home page. End of change

Start of change When you are done, you have defined a new PKI Services application domain at: End of change

Example

http://<webserver-fully-qualified-domain-name>/employees/public-cgi/camain.rexx