Using IBM HTTP Server instead of Apache HTTP Server

You can configure IBM HTTP Server (IHS) for use with the Management Console, but it is highly recommended that you use the built-in Apache HTTP Server.

Before you begin

About this task

This topic describes how to do the following tasks:

  1. Set up the precompiled PHP files.
  2. Modify your IBM HTTP Server configuration files to point to the Build Forge web application.
  3. If you use a proxy server to access the database, modify PHP to use the proxy server.
  4. If you use SSL, configure IHS to work with Build Forge through SSL.
  5. Windows systems: replace the libeay32.dll in the IBM HTTP Server installation directory.
  6. AIX systems: additional setup

Set up the precompiled PHP files

About this task

This task describes how to locate the provided PHP files and copy them to specified locations. The files are the following directories:

  • Windows systems
    <bfinstall>\ihs_modules
  • UNIX and Linux systems
    <bfinstall>/Platform/ihs_modules

Procedure

  1. Copy PHP modules. Create the modules directory if necessary.
    • Windows systems
      cd <bfinstall>\ihs_modules\modules\
      copy *.dll C:\Program Files\IBM\HTTPServer\modules
    • UNIX and Linux systems
      cd <bfinstall>/Platform/ihs_modules/modules
      cp libphp5.so /opt/IBM/HTTPServer/modules
  2. Copy PHP extensions. Create the extensions directory if necessary.
    • Windows systems
      cd <bfinstall>\ihs_modules\lib\php\extensions\
      copy *.dll C:\Program Files\IBM\HTTPServer\extensions
    • UNIX and Linux systems
      cd <bfinstall>/Platform/ihs_modules/lib/php/extensions/no-debug-zts-20090626
      cp *.so /opt/IBM/HTTPServer/extensions
  3. Copy the provided php.ini file. Create the conf directory if necessary.
    • Windows systems
      cd <bfinstall>\ihs_modules
      copy php.ini C:\Program Files\IBM\HTTPServer\conf
    • UNIX and Linux systems
      cd <bfinstall>/Platform/ihs_modules
      cp php.ini /opt/IBM/HTTPServer/conf
  4. Edit the php.ini file you copied to the conf directory to include a pointer to the extensions directory. Add or replace the following line:
    • Windows systems
      extension_dir = C:\Program Files\IBM\HTTPServer\extensions
    • UNIX and Linux systems
      extension_dir = /opt/IBM/HTTPServer/extensions
  5. Edit the php.ini file with information for your system. You can use the php.ini file provided for Apache HTTP Server as a guide. The file is provided in the following location:
    • Windows systems
      <bfinstall>\Apache\php\php.ini
    • UNIX and Linux systems
      <bfinstall>/server/apache/conf/php.ini
  6. Add write access for all directories used in php.ini. On UNIX and Linux systems, run the following command on the directories:
    chmod -R 777

Edit the IBM HTTP Server configuration file

Procedure

  1. Locate the httpd.conf file for the IBM HTTP Server (IHS) in the conf directory of your server installation.
  2. Modify the DocumentRoot setting to point to the Build Forge web application, as shown in the example. In this example, the Build Forge installation directory is /opt/buildforge.
    <VirtualHost *:80>
         ServerAdmin build@yourdomain.com
         DocumentRoot /opt/buildforge/webroot/public
         ServerName ausbuild01.yourdomain.com
         ServerAlias build.yourdomain.com mc.yourdomain.com #optional server aliases
         ErrorLog logs/ausbuild.error_log
         CustomLog logs/ausbuild.access_log common
    </VirtualHost>
  3. Add PHP-related entries.
    • Windows systems
      LoadModule php5_module "C:\Program Files\IBM\HTTPServer\modules\php5apache2_2.dll"
      
      <IfModule dir_module>     
         DirectoryIndex index.html index.php
      </IfModule>  
      
      AddType application/x-httpd-php .php 
      
      # PHPIniDir is the location of the php.ini file
      PHPIniDir "C:\Program Files\IBM\HTTPServer\conf"
    • UNIX and Linux systems
      LoadModule php5_module "/opt/IBM/HTTPServer/modules/libphp5.so"
      
      <IfModule dir_module>     
         DirectoryIndex index.html index.php
      </IfModule>  
      
      AddType application/x-httpd-php .php 
      
      # PHPIniDir is the location of the php.ini file
      PHPIniDir "/opt/IBM/HTTPServer/conf"
  4. Change the statements for the default user:
    • If you are using an AIX system, use User daemon and Group staff rather than User daemon and Group daemon.
    • For a Linux system, change the statements to User daemon and Group daemon on the templates_c file in the <bfinstall>/webroot/templates_c folder. An example for a Linux system is chown daemon:daemon /opt/buildforge/webroot/templates_c.
  5. Change the permissions on the templates_c file. Use daemon: daemon on Linux systems and daemon: staff on AIX systems. Here is an example for Linux systems:
    chown daemon:daemon /opt/buildforge/webroot/templates_c
  6. If necessary, change the IHS port number. The default port number is 80. Make any other necessary changes to httpd.conf.

Identify Proxy Server in PHP

About this task

Perform this step only if the management console needs to use a proxy server to access its database.

Procedure

Edit the PHP configuration file php.ini. It is located in <php-install>/lib; for example /usr/local/php-5.3.6.

Add the following entries:

bf_proxyHost=<your_proxy_server_hostname>
bf_proxyPath=<your_proxy_path>
bf_symlinkPath=<symlink_to_proxy_path>

Configuring SSL for IHS

About this task

In addition to the normal SSL setup for IHS, there are additional requirements for it to work with Build Forge®.

Procedure

  1. Include Build Forge® tool directories in your path.
    • Windows systems:
      • bfinstall\ibmjdk\bin
      • bfinstall\openssl
    • Unix or Linux systems:
      • bfinstall/server/ibmjdk/bin
  2. Include Build Forge® tool directories in your library path.
    • AIX systems (LIBPATH):
      • bfinstall/openssl
    • Unix or Linux systems (LD_LIBRARY_PATH):
      • bfinstall/openssl
  3. Convert the Build Forge® keys from PKCS12 to CMS. Use the latest version of the GSKIT tool. In gsk7\bin (Windows) or bin (Unix or Linux), run the following command (line breaks are added for clarity):
    gsk7cmd -keydb 
            -convert 
            -db bfinstall\keystore\buildForgeKeyStore.p12 
            -pw buildForgeKeyStore_password 
            -old_format pkcs12 
            -new_format cms
  4. Store the password in a stash file. IHS uses this file to get the password during startup. Without it, IHS prompts for the password. Use the latest version of the GSKIT tool. In gsk7\bin (Windows) or bin (Unix or Linux), run the following command (line breaks are added for clarity):
    gsk7cmd -keydb 
            -stashpw 
            -db bfinstall\keystore\buildForgeKeyStore.kdb 
            -pw buildForgeKeyStore_password
  5. Modify httpd.conf. Include the following entries for Windows. If you want users to access using https only, you must comment out Listen 80.
    LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
    # Listen 80
    Listen 0.0.0.0:443
    <VirtualHost *:443>
    SSLEnable
    SSLClientAuth None
    SSLProtocolDisable SSLv2 
    SSLServerCert buildforge
    KeyFile bfinstall\keystore\buildForgeKeyStore.kdb
    SSLStashFile bfinstall\keystore\buildForgeKeyStore.sth
    ErrorLog bfinstall\Apache\logs\ssl_error.log
    TransferLog bfinstall\Apache\logs\transfer.log
    </VirtualHost>

    Include the following entries for Unix and Linux. If you want users to access using https only, you must comment out Listen 80.

    LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
    # Listen 80
    Listen 0.0.0.0:443
    <VirtualHost *:443>
    SSLEnable
    SSLClientAuth None
    SSLProtocolDisable SSLv2 
    SSLServerCert buildforge
    KeyFile bfinstall/Platform/keystore/buildForgeKeyStore.kdb
    SSLStashFile bfinstall/Platform/keystore/buildForgeKeyStore.sth
    ErrorLog bfinstall/server/apache/logs/ssl_error.log
    TransferLog bfinstall/server/apache/logs/transfer.log
    </VirtualHost>

    bfinstall is the root of the installation directory. For the steps above, on Unix and Linux, you might need to append /Platform to bfinstall to reach the correct directory. You must also use a forward slash (/) instead of a backslash (\) to separate directories.

Results

Refer to the IHS documentation on setting up SSL for more information.

Windows: replace DLL

About this task

If you are using a version of IBM HTTP server previous to version 8.0, you must replace a DLL with the one provided with Rational® Build Forge®.

Procedure

Locate and replace the existing libeay32.dll file in multiple locations in the IBM HTTP server installation directory.
  • Use the libeay32.dll provided in <bfinstall>/openssl.
  • Search for all instances of the DLL and replace them. The example locations in Windows 2003 are:
    <ihs_install>\Plugins\gsk7\gsk7_32\icc\osslib
    <ihs_install>\gsk7\icc\osslib

Results

The HTTP server can start normally after you replace the DLL. If you do not replace it, the HTTP server fails to start.

AIX systems: additional setup

For AIX systems, additional setup is required.

Procedure


Feedback