How To Install And Setup Apache
Preparation
This document is for the newer portals and API. If you are running the legacy web host, please refer
to this page: How to Setup Apache with Web Host
After Wamp has been installed, please refer to the applicable Help pages on installing the API and
portals.
If not already done, setup the Domain Names in your DNS Server (EX: sub.yourdomain.com). For Premise
sites, you want to create A record(s) that points to your public IP address. For cloud sites, you want
to create CNAME record(s) that point to the domain that you use to connect to our server. Typical portals
that will need domain names are api, client, dashboard, & consumer or debtor. Please refer to
the portal specific Help documents:
In your Firewall, open ports 80 and 443 to all traffic. If applicable, setup port forwarding for
ports 80 and 443 on your external gateway to the Collect! server.
Domain Configuration
Setting up external access requires either a static IP address from your Internet Service
Provider, or for you to keep an eye on your external IP address and update it as needed.
- In a web browser, login to your domain or hosting provider that manages your DNS settings.
- Go to your DNS Zone editor for your domain.
WARNING: Different providers have different requirements. These instructions are based on the
most common DNS Zone Editors in the market.
- Create an A Record for api.yourdomain.com.
- Host: api
- IP Address: Your external IP address.
- Time to Live (TTL): Select the lowest option.
If you already have an domain pointed to your External IP, such as for your Client Portal,
or if you are an existing Collect! Cloud-Hosted customer, then create a CNAME Record.
- If applicable, create an CNAME Record for client.yourdomain.com.
- Host: client
- Points To: api.yourdomain.com
- Time to Live (TTL): Select the lowest option.
- If applicable, create an CNAME Record for consumer.yourdomain.com.
- Host: consumer
- Points To: api.yourdomain.com
- Time to Live (TTL): Select the lowest option.
- If applicable, create an CNAME Record for dashboard.yourdomain.com.
- Host: dashboard
- Points To: api.yourdomain.com
- Time to Live (TTL): Select the lowest option.
The domains names above are suggestions. You can pick your own domain names and update
Apache as needed.
WARNING: If your network has its own DNS Server, you may have to update it too.
Install Wampserver
Wampserver Home Page: http://www.wampserver.com/en/
Wampserver All-in-One Page: https://wampserver.aviatechno.net/
We recommend that you use the Default Location: C:\wamp64, but it is not required
if you want to use a data drive or have experience with Wampserver.
- Navigate to the Wampserver All-in-One page above.
- Scroll to the bottom of the page and install all of the "Visual C++ Redistributable Packages" for
x86 and x64. If you get a message that they are already installed or to repair the installation,
that is fine, just cancel the installer.
- Scroll back to the top of the page and install Wampserver from the "Installers Wampserver full
install version" section. Make note of the Apache and PHP versions in the installer's link.
- Run the Wampserver Manager (wampmanager.exe) from the installed directory.
- If there is a newer version of Wampserver under the "Updates" section, install it and re-launch
the Wampserver manager.
- Scroll down to "Addons Wampserver" and look for new versions of Apache and PHP.
- If there is a newer version of Apache, install it and re-launch the Wampserver manager.
- If there is a newer version of PHP, install it and re-launch the Wampserver manager.
- In the System Tray section (next to the Windows Clock), look for the Green "W" icon.
- Left click the Wampserver icon and go to Apache, then Version, and select the latest version.
- Left click the Wampserver icon and go to PHP, then Version, and select the latest version.
- Left click the Wampserver icon and go to MySQL, then Service Administration, and select "Remove Service."
- Left click the Wampserver icon and go to MariaDB, then Service Administration, and select "Remove Service."
- Right click the Wampserver icon and go to Wamp Settings and uncheck "Allow MySQL."
- Right click the Wampserver icon and go to Wamp Settings and uncheck "Allow MariaDB."
WARNING: The instructions below are specific to Wamp's version of Apache, not Apache directly or
any other web service tool.
Editing Files
Open using a plain-text editor such as Notepad++. Dot not use Notepad or Word as they add characters
or strip hard returns.
https://notepad-plus-plus.org/download/
C:\wamp64\bin\Apache\Apache2.4.#\conf\httpd.conf
Modify and Add the following to lines 26-28 (line numbers approx.)
ServerSignature Off
ServerTokens Prod
TraceEnable Off
In the Define's section near the top, add the applicable domains to define from each of the Help
pages of the portals that you are configuring. Also, add the below to define a path for the SSL files.
Define SSL_FILE_PATH "C:/Collect/bin"
Define ADMIN_EMAIL admin@yourdomain.com
Uncomment (remove the # symbol) from the beginning of the lines in the Dynamic Shared Objects (DSO)
section:
LoadModule headers_module modules/mod_headers.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
At the bottom of file, add the following line:
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
<IfModule mod_headers.c>
Header unset X-Forwarded-Host
</IfModule>
Do not uncomment this line yet: "Include conf/extra/httpd-ssl.conf"
C:\wamp64\bin\Apache\Apache2.4.#\conf\extras\httpd-vhosts.conf
Copy and paste the code from the applicable Help pages for the portals that you want to setup.
C:\wamp64\bin\Apache\Apache2.4.#\conf\extras\httpd-ssl.conf
Delete the default vhost. It starts with: <VirtualHost _default_:443>
Copy and paste the code from the applicable Help pages for the portals that you want to setup.
RESTART All Wampserver Services (Apache).
Using Lets Encrypt To Automatically Create And Renew Certificates
If you want to have your SSL certificates automatically managed for free, you can use LetsEncrypt
to maintain your certificates.
You can use Collect! to generate the CSR with the Security Certificates menu as defined above
under Creating a Self-Signed SSL Certificate.
Our examples below will assume the CSR and key files are in the Collect\bin folder and that
Wamp was installed at C:\wamp64.
Using Win-Acme
- Download latest release of win-acme from https://github.com/win-acme/win-acme/releases/. The links are at the bottom
of the page. Pay attention to the link. You will need to select x64 or x86 depending on the
version of Wamp you installed. All of our examples have been based on x64. The Pluggable versus
the Trimmed does not matter. We don't use any plug-ins, so you can use the Trimmed, if you
want.
- Extract the zip to C:\win-acme (create the folder, if you don't have it)
- Run C:\win-acme\wacs.exe
- Type M then Enter to create a certificate with full options.
- Type 2 the Enter to manually enter a domain name.
- Enter the domain name to create the certificate for.
- Hit Enter to accept the suggested friendly name retrieved from the CSR.
- Type 1 then Enter to save the verification files on a network path.
- Enter the path to the Wamp public folder. EX: C:\wamp64\www
- Type N to not have the web.config file.
- Type 2 then Enter to select RSA key.
- Type 2 then Enter to create PEM files.
- Type the path that you want to save the PEM files and hit Enter. You can save them anywhere,
but for simplicity, we recommend the Collect\bin folder. EX: C:\Collect\bin
- Press 1 for None to the request for the password for the private key.
- Type 5 then Enter to not save the files in any other Stores.
- Type 3 then Enter to indicate no additional installation steps.
- Type y or n if you wish to read the Terms of Service.
- Type y to agree to the Terms.
- Enter an email to be notified of abuse or leave blank and hit Enter.
- Type n to specify a user.
- Type Q then Enter to quit the win-acme application.
- Navigate to the Collect\bin folder and make note of the PEM file names. Examples:
SSL Certificate File: yourdomain-crt.pem
SSL Key File: yourdomain-key.pem
SSL Certificate Chain File: yourdomain-chain.pem
- Open C:\wamp64\bin\Apache\Apache2.4.#\conf\extras\httpd-ssl.conf and update the file names
for the following variables: SSLCertificateFile, SSLCertificateKeyFile,
SSLCertificateChainFile
- Repeat for any other certificates that you have to setup.
The win-acme application will automatically create a Task in the Windows Scheduler to
renew the certificate periodically.
If you are using multiple domains (EX: client, dashboard, portal, api, etc.), you can create
multiple virtual hosts, multiple CSR files, and run the wacs.exe file for each domain.
Alternatively, advanced users of Win-Acme can create wildcard certificates.
Enable Https
Open the C:\wamp64\bin\Apache\Apache2.4.#\conf\httpd.conf file.
Find the "Include conf/extra/httpd-ssl.conf" line near the bottom and uncomment it.
Restart Apache.
Running Collect! On A Dedicated Web Server
If you are running Collect! on a dedicated web server that is not the application server where the
Collect! Companion Server is running, you can do so, but there are special considerations:
- The connection from the web server to the app server will be unencrypted, so data will
be accessible over the network. Any references to "localhost" in the applicable SSL vhost
configuration will need to be updated with the applicable IP addresses of the Application
server. If this is a concern, then you will need to setup a dedicated VPN between the 2
servers.
- The SSL certificates can be put in any location, except the Wampserver\www folder.
- The web server applications can be put in any location, except the Wampserver\www folder.
- The contents of the companion\cli folder must be copied to the {Collect}\bin\companion\cli
directory on the Application server. Any changes to one file must be copied to it's counterpart.
- You will need to contact us for the scripts to Update and Seed the database, discussed in
the applicable Portal pages.
Troubleshooting
If the icon is red or orange, a service didn't start. Go to the Windows Event Viewer and bring up
the application log to review the errors.
If you've resolved all your errors, you can now click on the WampServer "W" icon in the bottom right
of the Windows desktop, and choose "Restart All services".
If everything goes well it should go Red -> Orange -> Green and you can begin testing.
If it does not go green, go into C:/wamp64/logs/ and review the logs that were last written to, for
errors. Or go to the Windows Logs. Once you've fixed the errors, click the W, Restart All services
and when the W goes green, you can begin testing.
Check the Windows Application Log and look for Warnings. Typical issues are either misconfiguration
in the files or missing files like SSL certificates.
|
Was this page helpful? Do you have any comments on this document? Can we make it better? If so how may we improve this page.
Please click this link to send us your comments: helpinfo@collect.org