Open Source Document Management System | OpenKM

Because information matters
https://forum.openkm.com/

setup apache as reverse proxy

https://forum.openkm.com/viewtopic.php?t=24391

Page 1 of 1

setup apache as reverse proxy

PostPosted:Sat Nov 13, 2021 6:26 pm
by chocolatie_sr
Hi all,

I am using openKM 6.3.11 CE (installed with postgresql and java 8) on ubuntu 20.04 server. However, I have stumbled upon a writing about not exposing openKM directly to the web but using apache as a reverse proxy:

https://docs.openkm.com/kcenter/view/ok ... proxy.html

I have executed all these steps but still am not able to see the https://mydomain.com (my browser gives an error saying This site can’t be reached)

If I type http://mydomain.com, I get to see the apache standard greeting (Apache2 Ubuntu Default Page)

My /etc/apache2/sites-available/openkm.conf file looks like this
Code: Select all
<VirtualHost *:80>
  ServerName mydomain.com
  Redirect permanent / https://mydomain.com/
</VirtualHost>
<VirtualHost *:443>
  ServerName mydomain.com
  RedirectMatch ^/$ /OpenKM

  # WebSocket support - needs proxy-wstunnel
  ProxyPass /OpenKM/frontend/webSocket wss://127.0.0.1:8080/OpenKM/frontend/webSocket
  ProxyPassReverse /OpenKM/frontend/webSocket wss://127.0.0.1:8080/OpenKM/frontend/webSocket

  ProxyPass /OpenKM ajp://127.0.0.1:8009/OpenKM
  ProxyPassReverse /OpenKM https://mydomain/OpenKM

  ErrorLog /var/log/apache2/mydomain.com-error.log
  CustomLog /var/log/apache2/mydomain.com-access.log combined

  SSLEngine on
  SSLCertificateFile /etc/apache2/ssl/apache.pem
</VirtualHost>
Can somebody help me diagnose this?

Re: setup apache as reverse proxy

PostPosted:Wed Nov 17, 2021 11:40 pm
by chocolatie_sr
OK I went a little bit further with this and installed a FreeBSD virtual machine, installed apache on that and made it the proxy server.

I installed letsencrypt on it and my /usr/local/etc/apache24/extra/httpd-vhosts-le-ssl.conf I have configured as follows:
Code: Select all
<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerAdmin myemail@mydomain.com
    DocumentRoot "/usr/local/www/apache24/data/mydomain.com"
    ServerName mydomain.com
    ServerAlias www.mydomain.com
    ErrorLog "/var/log/mydomain.com-error_log"
    CustomLog "/var/log/mydomain.com-access_log" common
    RedirectMatch ^/$ /OpenKM
    ProxyPass /OpenKM/frontend/webSocket wss://192.168.0.200:8080/OpenKM/frontend/webSocket
    ProxyPassReverse /OpenKM/frontend/webSocket wss://192.168.0.200:8080/OpenKM/frontend/webSocket
    ProxyPass /OpenKM ajp://192.168.0.200:8009/OpenKM
    ProxyPassReverse /OpenKM https://mydomain.com/OpenKM
    SSLEngine on
SSLCertificateFile /usr/local/etc/letsencrypt/live/mydomain.com/fullchain.pem
SSLCertificateKeyFile /usr/local/etc/letsencrypt/live/mydomain.com/privkey.pem
Include /usr/local/etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
My ubuntu server is where tomcat is installed by openKM and the server.xml file has these relevant sections:
Code: Select all
<Connector port="8080" address="0.0.0.0" protocol="HTTP/1.1"
               connectionTimeout="20000" Server =" " redirectPort="8443"/>

 <Connector port="8009" address="192.168.0.200" protocol="AJP/1.3" redirectPort="8443"/>

<Engine name="Catalina" defaultHost="localhost">
When I give https://mydomain.com I see the redirect works and I am presented with the login screen of openKM. However, when I put my credentials, and click on login I see the following page in the browser:

https://mydomain.com/OpenKM/frontend/index.jsp

But the screen stays blank

Re: setup apache as reverse proxy

PostPosted:Sun Nov 21, 2021 9:13 am
by jllort
Does the application work with http://SERVER_IP:8080/OpenKM ( that should be the first check -> because maybe problem is not in the proxy ). Take a look at openkm.log file.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited