# # When we also provide SSL we have to listen to the # the HTTPS port in addition. # Listen 19443 https #Listen 443 https ## ## SSL Global Context ## ## All SSL configuration in this context applies both to ## the main server and all SSL-enabled virtual hosts. ## # Pass Phrase Dialog: # Configure the pass phrase gathering process. # The filtering dialog program (`builtin' is a internal # terminal dialog) has to provide the pass phrase on stdout. SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog # Inter-Process Session Cache: # Configure the SSL Session Cache: First the mechanism # to use and second the expiring timeout (in seconds). SSLSessionCache shmcb:/run/httpd/sslcache(512000) SSLSessionCacheTimeout 300 # Pseudo Random Number Generator (PRNG): # Configure one or more sources to seed the PRNG of the # SSL library. The seed data should be of good random quality. # WARNING! On some platforms /dev/random blocks if not enough entropy # is available. This means you then cannot use the /dev/random device # because it would lead to very long connection times (as long as # it requires to make more entropy available). But usually those # platforms additionally provide a /dev/urandom device which doesn't # block. So, if available, use this one instead. Read the mod_ssl User # Manual for more details. SSLRandomSeed startup file:/dev/urandom 256 SSLRandomSeed connect builtin #SSLRandomSeed startup file:/dev/random 512 #SSLRandomSeed connect file:/dev/random 512 #SSLRandomSeed connect file:/dev/urandom 512 # # Use "SSLCryptoDevice" to enable any supported hardware # accelerators. Use "openssl engine -v" to list supported # engine names. NOTE: If you enable an accelerator and the # server does not start, consult the error logs and ensure # your accelerator is functioning properly. # SSLCryptoDevice builtin #SSLCryptoDevice ubsec ## ## SSL Virtual Host Context ## ServerName serverhostname SSLEngine on SSLCertificateChainFile /etc/ssl/certs/trustedCertificates.pem SSLCertificateKeyFile /etc/ssl/certs/privateKey.pem SSLCertificateFile /etc/ssl/certs/certificateChain.pem RewriteEngine on RewriteRule ^/shs$ /shs/ [R] RewriteRule ^/yts$ /yts/ [R] RewriteRule ^/applicationhistory$ /applicationhistory/ [R] RewriteRule ^/jh$ /jh/ [R] RewriteRule ^/rm$ /rm/ [R] RewriteRule ^/cluster$ /cluster/ [R] ProxyPassReverse https://serverhostname:19443/ http://localhost:18899/ ProxyPassReverse https://serverhostname:19443/ https://localhost:18899/ ProxyPass "http://localhost:18899/proxy" connectiontimeout=25 timeout=30 AddOutputFilterByType SUBSTITUTE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript application/json Substitute "s|http://HOSTNAME.DOMAINNAME.FQDN:8080/tez-ui/|/tez/tez-ui/|nq" Substitute "s|http:\/\/(ip-.*?:8042)|/nm/$1|" ProxyPass "http://localhost:18899/jh/" connectiontimeout=25 timeout=30 AddOutputFilterByType SUBSTITUTE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript application/json Substitute "s|[hH][rR][eE][fF]='\/((?!static).*?)'|href='/jh/$1'|" Substitute 's|[hH][rR][eE][fF]="\/((?!static).*?)"|href="/jh/$1"|' .*:8042)\/(?.*)$)"> ProxyPass "http://localhost:18899/" connectiontimeout=25 timeout=30 ProxyPass "http://localhost:18899/shs/" connectiontimeout=25 timeout=30 AddOutputFilterByType SUBSTITUTE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript application/json Substitute 's|href="/|href="/shs/|nq' Substitute 's|src="/|src="/shs/|nq' Substitute 's|uiRoot=""|uiRoot="/shs"|nq' Substitute "s|setUIRoot('')|setUIRoot('/shs')|nq" Substitute "s|http:\/\/(ip-.*?:8042)|/nm/$1|" ProxyPass "http://localhost:18899/static/" connectiontimeout=25 timeout=30 ProxyPass "http://localhost:18899/applicationhistory/" connectiontimeout=25 timeout=30 AddOutputFilterByType SUBSTITUTE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript application/json Substitute "s|[hH][rR][eE][fF]='\/((?!static).*?)'|href='/yts/$1'|" Substitute 's|[hH][rR][eE][fF]="\/((?!static).*?)"|href="/yts/$1"|' Substitute "s|[hH][rR][eE][fF]='http(s)?:\/\/(.*?:8042)'|href='/nm/$2/'|" Substitute 's|[hH][rR][eE][fF]="http(s)?:\/\/(.*?:8042)"|href="/nm/$2/"|' Substitute "s|http://HOSTNAME.DOMAINNAME.FQDN:8188/|/yts/|nq" Substitute "s|http://HOSTNAME.DOMAINNAME.FQDN:8088/|/rm/|nq" Substitute "s|http://HOSTNAME.DOMAINNAME.FQDN:20888/proxy/|/proxy/|nq" ProxyPass "http://localhost:18899/yts/" connectiontimeout=25 timeout=30 AddOutputFilterByType SUBSTITUTE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript application/json Substitute "s|[hH][rR][eE][fF]='\/((?!static).*?)'|href='/yts/$1'|" Substitute 's|[hH][rR][eE][fF]="\/((?!static).*?)"|href="/yts/$1"|' Substitute "s|[hH][rR][eE][fF]='http(s)?:\/\/(.*?:8042)'|href='/nm/$2/'|" Substitute 's|[hH][rR][eE][fF]="http(s)?:\/\/(.*?:8042)"|href="/nm/$2/"|' Substitute "s|http://HOSTNAME.DOMAINNAME.FQDN:8188/|/yts/|nq" Substitute "s|http://HOSTNAME.DOMAINNAME.FQDN:8088/|/rm/|nq" Substitute "s|http://HOSTNAME.DOMAINNAME.FQDN:20888/proxy/|/proxy/|nq" ProxyPass "http://localhost:18899/rm/" connectiontimeout=25 timeout=30 AddOutputFilterByType SUBSTITUTE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript application/json Substitute "s|[hH][rR][eE][fF]='\/\/(ip-.*?:8042)'|href='/nm/$1/'|" Substitute 's|[hH][rR][eE][fF]="\/\/(ip-.*?:8042)"|href="/nm/$1/"|' Substitute 's%[hH][rR][eE][fF]="\/((?!static|nm|rm).*?)"%href="/rm/$1"%' Substitute "s|[hH][rR][eE][fF]='http(s)?:\/\/(.*?:8042)'|href='/nm/$2/'|" Substitute 's|[hH][rR][eE][fF]="http(s)?:\/\/(.*?:8042)"|href="/nm/$2/"|' Substitute "s|[hH][rR][eE][fF]='http(s)?:\/\/(.*:8042)\/(.*?)'|href='/nm/$2/$3'|" Substitute 's|[hH][rR][eE][fF]="http(s)?:\/\/(.*:8042)\/(.*?)"|href="/nm/$2/$3"|' Substitute "s|http://HOSTNAME.DOMAINNAME.FQDN:8088/|/rm/|nq" Substitute "s|http://HOSTNAME.DOMAINNAME.FQDN:20888/proxy/|/proxy/|nq" ProxyPass "http://localhost:18899/cluster/" connectiontimeout=25 timeout=30 ProxyPass "http://localhost:18899/tez/" connectiontimeout=25 timeout=30