Installing RSA Webagent for Apache 2.2 on CentOS 6

First copy the sdconf.rec file to /var/ace

Create option file and add the webserver ip address

Install requirements

Start portmap daemon

Install RSA WebAgent





We need to copy the rsawebagent.tar to the current directory, without that the installer fails

Start the installer

Add rsawebagent libraries to the system

Configure the RSA Webagent

Register the server in RSA Manager

Edit Apache init script

Reboot server

Apache – Remove Server Header Field

Patching apache source code

Change to your httpd source directory

Create no header patch

Patch httpd source from the patch file above

Compile and install



Apache output now a empty banner if you set the ServerTokens to Prod

Apache Active Directory LDAP Authentification

With the authnz_ldap module apache is able to perform HTTP authentication trought an ldap directory server. This documentation explains the activation and configuration of this module in Debian Wheezy.

First activate the apache module authnz_ldap

Now you can configure ldap authentication in the apache configuration. The example below shows an ldap authentication for the directory /var/www/protected.

AuthLDAPBindDN “cn=myldapuser,ou=Security Users,dc=homelinux,dc=local”

User to use for the bind, in this case username is myldapuser and the user is located in the organisation unit “Security Users” in the domain component “homelinux.local”.

AuthLDAPBindPassword “verysecretpassword”

Password for the bind user

AuthLDAPURL “ldap://homelinux.local/ou=Managment,ou=Homelinux,dc=homelinux,dc=local?sAMAccountName”

Sets the ldap search parameters, in this case the ldap host is homelinux.local and the basedn is “ou=Managment,ou=Homelinux,dc=homelinux,dc=local”, the attrubte to search for is “sAMAccount”, that’s the logon name on windows ldap directory (active directory). Check the mod_authnz_ldap documentation for more information.

Require ldap-group CN=Managment,OU=Homelinux,DC=homelinux,DC=local

This directive specifies the ldap group whose members are allowed to access. In this case the group is “Managment” located in the organisation unit “Homelinux” in the domain component “homelinux.local”




Compiling Apache 2.2 with SSL RedHat CentOS

OpenSSL

Get the latest stable version from OpenSSL.org

Configure OpenSSL with shared option and install it

Create symbolic link, helpfully for a future openssl upgrade

Add OpenSSL libraries to ldconfig and reload it

 Apache





Get the latest httpd stable version 2.2 from httpd.apache.org

Configure Apache with shared mods and ssl, disable userdir and autoindex

Copy init script to init.d

Change httpd, pidfile and CONFFILE variables

Start Apache