Using Tomcat with Apache (mod jk)
Article Information |
---|
This article applies to the following ZCS versions. |
Note: see also Hosting_other_sites_with_Zimbra, ZimbraApache, and Zimbra_with_Apache_using_mod_jk.
As standard, Zimbra runs itself on port 80. However, this means you can't use Apache or access any other website through that server. If you are using your server only as a groupware box, this is no bother. But if you are using it in the situation I am with other servers, this is no good. This tutorial will:
a.) Configure Tomcat to host on Port 7070 (as in M1) and 7443 for the SSL port
b.) Download and install the mod_jk RPM
c.) Configure mod_jk to access Zimbra on http://your-custome-apache-server/zimbra/
d.) Configure Apache to start on system boot
Original Tutorial from the forums [1]
a.) Configure Tomcat to host on Port 7070 (as in M1)
zmprov ms <servername> zimbraMailPort 7070
zmprov ms <servername> zimbraMailSSLPort 7443
b.) Download and install the mod_jk RPM
For CentOS 4.2:
wget http://mirrors.dotsrc.org/jpackage/1.6/redhat-el-3.0/free/RPMS/mod_jk-ap20-1.2.14.1-2jpp.i386.rpm rpm -ivh mod_jk-ap20-1.2.14.1-2jpp.i386.rpm
For other distributions: Make sure that Apache has the mod_jk.so module located in the modules folder.
Edit server.xml
/opt/zimbra/tomcat/conf $ diff -u server.xml.bak server.xml --- server.xml.bak 2006-02-27 15:03:24.000000000 -0500 +++ server.xml 2006-02-24 13:35:21.000000000 -0500 @@ -34,6 +34,8 @@ clientAuth="false" sslProtocol="TLS" keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="zimbra"/> + <Connector port="8009" + enableLookups="false" redirectPort="8443" protocol="AJP/1.3" /> <Engine name="Catalina" defaultHost="localhost"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase" />
Edit server.xml.in
/opt/zimbra/tomcat/conf $ diff -u server.xml.in.orig server.xml.in --- server.xml.in.orig 2006-02-27 15:05:21.000000000 -0500 +++ server.xml.in 2006-02-24 12:51:40.000000000 -0500 @@ -34,6 +34,8 @@ clientAuth="false" sslProtocol="TLS" keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="zimbra"/> + <Connector port="8009" + enableLookups="false" redirectPort="8443" protocol="AJP/1.3" /> <Engine name="Catalina" defaultHost="localhost"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase" />
Create the workers.properties file /etc/httpd/conf.d/workers.properties
worker.list=localhost worker.localhost.port=8009 worker.localhost.host=localhost worker.localhost.type=ajp13 worker.localhost.lbfactor=1 workers.tomcat_home=/opt/zimbra/tomcat5 workers.java_home=/opt/zimbra/java
Next, configure Apache by editing httpd.conf or vhost specific file.
# Load mod_jk module LoadModule jk_module modules/mod_jk.so # Where to find workers.properties JkWorkersFile /etc/httpd/conf.d/workers.properties # Where to put jk logs JkLogFile /var/log/httpd/mod_jk.log # Set the jk log level [debug/error/info] JkLogLevel debug # SHM info JkShmFile /etc/httpd/logs/jk.shm JkShmSize 10M # Select the log format JkLogStampFormat "[%a %b %d %H:%M:%S %Y] " # JkOptions indicate to send SSL KEY SIZE, JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories # JkRequestLogFormat set the request format JkRequestLogFormat "%w %V %T" # JkMount points JkMount /zimbra/* localhost JkMount /service/* localhost JkMount /zimbraAdmin/* localhost
[NOTE: the last argument given in the JkMount directive should be the name of the worker defined in workers.properties ]
Restart Tomcat and Apache
/opt/zimbra/bin/tomcat restart apachectl restart
Issues
The login should be http only [2] It seems that mixed login is broken (Mixed login means that if you hit http://, it redirects to https for login then returns to http for session. If you hit https:// originally, the login is in https, and the session continues in https).
If it still wont work
If it still doesn't work, perhaps this will help: Zimbra_with_Apache_using_mod_jk.