D.4 Configuring Apache to Point to an SSL Certificate on a Shared Volume for an iFolder Cluster

Use this configuration when one pool is serving all services. This configuration is not useful when each service uses separate pools.

  1. Mount the shared volume. At a terminal console, enter

    mnt /dev/sda1 /mnt/ifolder3
    

    Replace /dev/sda1 with the actual disk or partition containing the file system. Replace /mnt/ifolder3 with the mount point (directory path) of the shared volume.

  2. Do either of the following:

    • Copy the private key (.key file) and the certificate (.cert file) to a location on the mounted shared volume. At a terminal console, enter

      cp ./filename.key /mnt/ifolder3/sharedkey/
      
      cp ./filename.cert /mnt/ifolder3/sharedkey/
      

      Replace filename with the actual file name of your .key and .cert files. Replace the destination path with the location where you want to store the shared key and certificate files.

    • If you have received a single .pem file from the trusted authority, copy that to the shared keydirectory location. At a terminal console, enter

      cp ./filename.pem /mnt/ifolder3/sharedkey/
      
  3. Do either of the following:

    • Edit the Apache SSL configuration file (/etc/apache2/vhosts.d/vhost-ssl.conf) to point to the .key file and .cert file by modifying the values for the following parameters:

      SSLCertificateKeyFile=/mnt/ifolder3/sharedkey/filename.key
      
      SSLCertificateFile=/mnt/ifolder3/sharedkey/filename.cert
      

      Replace the path to the files with the actual location and filename on the shared volume.

    • Edit the Apache SSL configuration file (/etc/apache2/vhosts.d/vhost-ssl.conf) to point to the .pem file by modifying the values for the following parameters:

      SSLCertificateKeyFile=/mnt/ifolder3/sharedkey/filename.pem
      
      SSLCertificateFile=/mnt/ifolder3/sharedkey/filename.pem
      

      WARNING:Ensure that there are no duplicate entries for SSLCertificateKeyFile and SSLCertificateFile in the Apache SSL configuration file.

  4. Restart the Apache server.

    NOTE:Ensure that the shared volume is mounted before you start the Apache server.