Solutions
HomeIntegrityControlSolutionsManagement Center
  • Integrations
  • 📈Monitoring
    • Setup Prometheus and Grafana
  • 🗝️PKI
    • Extract certificate chain from keystore
  • 🔄Automation
    • Install with Ansible
  • 🧔Customer IAM
    • Social Provider Sign-in
      • Google sign-in
      • Microsoft Windows Live sign-in
      • Facebook sign-in
      • LinkedIn sign-in
  • 🖥️VDI
    • VMware Horizon login with SAML or OIDC using Integrity WEB as third-party IdP
    • Citrix ADC (Netscaler) login with SAML using Integrity WEB as third-party IdP
    • Login to the VMware vCenter Server using Integrity WEB
  • ☁️Cloud Applications
    • ServiceNow
    • Azure B2C
  • 🤝Verifiable Credentials
    • Add Integrity Web as an OIDC attribute provider for Microsoft Entra (Azure) Verifiable Credentials
  • ⏪Proxy / Load Balancer
    • Apache
  • 💾Active Directory Federation Services (ADFS)
    • Access policies
      • How to mark Primary Authentication Fortified ID ADFS adapters as MFA
    • Graphical user interface
      • How to change adapter display (friendly) name
      • How to change adapter style (colors, logos and texts)
    • ADFS not able to consume Integrity SAML Metadata - troubleshooting guide
Powered by GitBook
On this page
  • Configuration
  • Sample configuration
  1. Proxy / Load Balancer

Apache

Use Apache httpd for SSL termination and proxy in front of Integrity

PreviousAdd Integrity Web as an OIDC attribute provider for Microsoft Entra (Azure) Verifiable CredentialsNextAccess policies

Last updated 1 year ago

Configuration

  1. Install Apache httpd

  2. Enable SSL

  3. Enable proxy modules

  4. Add proxy rules

Sample configuration

This is a sample configuration file for SSL and proxy. In this scenario, the Apache server runs on the same host as Integrity. In this sample, SSL certificate management is handled by LetsEncrypt.

Change ServerName, SSLCertificateKeyFile and SSLCertificateFile settings to match your environment.

<IfModule mod_ssl.c>
<VirtualHost *:443>
	# The ServerName directive sets the request scheme, hostname and port that
	# the server uses to identify itself. This is used when creating
	# redirection URLs. In the context of virtual hosts, the ServerName
	# specifies what hostname must appear in the request's Host: header to
	# match this virtual host. For the default virtual host (this file) this
	# value is not decisive as it is used as a last resort host regardless.
	# However, you must set it for any further virtual host explicitly.
	#ServerName www.example.com

	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html

	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
	# error, crit, alert, emerg.
	# It is also possible to configure the loglevel for particular
	# modules, e.g.
	#LogLevel info ssl:warn

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	# For most configuration files from conf-available/, which are
	# enabled or disabled at a global level, it is possible to
	# include a line for only one particular virtual host. For example the
	# following line enables the CGI configuration for this host only
	# after it has been globally disabled with "a2disconf".
	#Include conf-available/serve-cgi-bin.conf


ServerName demo.fortifiedid.se
SSLCertificateFile /etc/letsencrypt/live/demo.fortifiedid.se/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/demo.fortifiedid.se/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ProxyPass "/" "http://localhost:8080/"
ProxyPassReverse "/" "http://localhost:8080/"
</VirtualHost>
</IfModule>

⏪