Beruflich Dokumente
Kultur Dokumente
http://wiki.zimbra.com/index.php?title=ZimbraApache
Zimbra
the leader in open source email and collaboration
Search
User Help | Forums | Blog | Contact Us | Buy Zimbra Learn Products Community Support Partners Downloads About
ZimbraApache
From Zimbra :: Wiki
Contents
1 Running apache and zimbra webmail on the same host 1.1 Apache over http (port 80) and Zimbra over https (port 443) 1.2 Sharing http (port 80) and/or https (port 443) between Zimbra and Apache 1.3 Sharing both HTTP and HTTPS between both Zimbra and Apache using Dierent Domain Names 1.3.1 Change the ports that the Zimbra webmail client listens on 1.3.2 Set up your redirects in Apache 1.3.2.1 Set up the http redirects 1.3.2.2 Set up your https redirects 1.3.3 Restart Apache 1.4 Sharing both HTTP and HTTPS between both Zimbra and Apache using Dierent IP Addresses 1.4.1 Change the ports that the Zimbra webmail client listens on 1.4.2 Set up your redirects in Apache 1.4.2.1 Make sure Apache is listening on all IP addresses 1.4.2.2 Set up the http redirects 1.4.2.3 Set up your https redirects 1.4.3 Restart Apache 2 Other Links
Apache over http (port 80) and Zimbra over https (port 443)
If you don't need to have non-SSL (http/port 80) access to zimbra webmail and you don't need to have SSL (https/port 443) access to apache, congure zimbra to only listen on https port 443.
su - zimbra zmtlsctl https tomcat restart
1 de 7
08/05/12 12:21
http://wiki.zimbra.com/index.php?title=ZimbraApache
That's it! Now apache will serve websites (presumably over port 80), and zimbra will serve webmail over port 443.
Sharing http (port 80) and/or https (port 443) between Zimbra and Apache
If you do need to have access to both zimbra and apache over the same port, use this guide. Q: How to run Apache + Zimbra on the same host without having to use a weird port to access any of them ? A: Use mod_proxy ;) This wiki page is based on this zimbra forums thread: http://www.zimbra.com/forums/showthread.php?t=2476 (I am using a Debian Sarge). You must have several hostnames for your server (for example zimbra.domain.com and www.domain.com). First of all, change zimbraMailPort, and recreate zimbraMtaAuthHost and restart zimbra so our apache can listen on 80, do it like this :
zmprov ms zimbra.mydom.com zimbraMailPort 81 zmprov ms zimbra.mydom.com zimbraMtaAuthHost zimbra.mydom.com /etc/init.d/zimbra restart
Then, install your prefered apache version (1.3 / 2) and add the proxy module : for apache 1.3 :
echo "LoadModule proxy_module /usr/lib/apache/1.3/libproxy.so" >> /etc/apache/modules.conf apachectl restart
for apache 2 :
ln -s /etc/apache2/mods-available/proxy.load /etc/apache2/mods-enabled/proxy.load ln -s /etc/apache2/mods-available/proxy.conf /etc/apache2/mods-enabled/proxy.conf /etc/init.d/apache2 restart
Now we can add our virtualhosts. for apache 1.3, go into /etc/apache/conf.d/ and create/edit vhosts.conf : [for apache 2 go into /etc/apache2/conf.d/]
NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin dz@mydom.com DocumentRoot /var/www/myweb ServerName www.mydom.com ErrorLog /var/log/apache/www-error.log CustomLog /var/log/apache/www-access.log common </VirtualHost> <VirtualHost *:80> ServerName zimbra.mydom.com ServerAdmin dz@mydom.com ProxyPass / http://zimbra.mydom.com:81/ ProxyPassReverse / http://zimbra.mydom.com:81/ ErrorLog /var/log/apache/zimbra-error.log CustomLog /var/log/apache/zimbra-access.log common </VirtualHost>
To do mod_proxy on the admin side do something along the following lines in httpd.conf
<VirtualHost *:80> ServerName zimbras.domain.tld ServerAdmin admin@domain.tld SSLProxyEngine On ProxyPass / https://zimbra.domain.tld:7071/
2 de 7
08/05/12 12:21
http://wiki.zimbra.com/index.php?title=ZimbraApache
ProxyPassReverse / https://zimbra.domain.tld:7071/ (the hostname of the real zimbra server) ErrorLog /var/log/zimbras.domain-error.log CustomLog /var/log/zimbras.domain-access.log combined CustomLog /var/log/all-access.log combined (something i have on all my hosts) </VirtualHost>
Almost done. Restart everything. Test your new hosts. Enjoy Zimbra ;)
Sharing both HTTP and HTTPS between both Zimbra and Apache using Dierent Domain Names
I found that the above wouldn't work when I tried to preserve http and https access for both Zimbra and Apache. Here is what I did to x it. Instead of using ProxyPass, I used Redirect, as follows.
Set up your https redirects Under Apache2 on CentOS, I just edit the le called /etc/httpd/conf.d/ssl.conf. Look for the line that says:
<VirtualHost _default_:443>
Below that, look for the commented-out line that starts with ServerName, uncomment it, and add your server name that you want to use for Apache:
ServerName www.yourdomain.com
Next, go to the bottom of the le and setup your Zimbra virtual host
<VirtualHost *:443> ServerName mail.yourdomain.com ServerAdmin admin@yourdomain.com
3 de 7
08/05/12 12:21
http://wiki.zimbra.com/index.php?title=ZimbraApache
Why do we bother specifying the SSL certicate if we are only going to redirect from Apache to Zimbra? Because if you don't, your user will get an "invalid certicate" error from their browser before the redirect happens.
Restart Apache
/etc/init.d/httpd restart
Sharing both HTTP and HTTPS between both Zimbra and Apache using Dierent IP Addresses
Instead of using dierent domain names, as in the above example, I nd that it is much easier and cleaner to simply use dierent IP addresses. On my box, I only have one network interface card, but I have six public IP addresses that all point to it. Therefore, in my DNS I simply assign the www.yourdomain.com subdomain to XXX.XXX.XXX.100 and the mail.yourdomain.com subdomain to XXX.XXX.XXX.101. This gives you the added exibility of adding many dierent sub domain aliases in your DNS and simply pointing them all to the same IP address. For example, you could add aliases like webmail.yourdomain.com and zimbra.yourdomain.com to the DNS, and you wouldn't have to change any of the conguration les below for it to work properly.
You will either need to delete the IP address reference or simply add multiple Listen lines for each of your IP addresses. Set up the http redirects Under Apache2 on CentOS, I just create a le called /etc/httpd/conf.d/vhosts.conf with the following content:
NameVirtualHost XXX.XXX.XXX.100:80 NameVirtualHost XXX.XXX.XXX.101:80
4 de 7
08/05/12 12:21
http://wiki.zimbra.com/index.php?title=ZimbraApache
Set up your https redirects Under Apache2 on CentOS, I just edit the le called /etc/httpd/conf.d/ssl.conf. Look for the line that says:
<VirtualHost _default_:443>
Next, go to the bottom of the le and setup your Zimbra virtual host
<VirtualHost XXX.XXX.XXX.101:443> ServerName mail.yourdomain.com ServerAdmin admin@yourdomain.com ErrorLog /var/log/zimbra-ssl-error.log CustomLog /var/log/zimbra-ssl-access.log common SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /etc/pki/tls/certs/zimbra.crt SSLCertificateKeyFile /etc/pki/tls/private/zimbra.key SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt Redirect / https://mail.yourdomain.com:60443/ </VirtualHost>
Why do we bother specifying the SSL certicate if we are only going to redirect from Apache to Zimbra? Because if you don't, your user will get an "invalid certicate" error from their browser before the redirect happens.
Restart Apache
/etc/init.d/httpd restart
Other Links
Provide_HTTP(s)_Integration_with_Apache Zimbra_with_Apache_using_mod_jk_-_mod_proxy_-_mod_proxy_ajp Using_Tomcat_with_Apache_(mod_jk)
Veried Against: Unknown Article ID: http://wiki.zimbra.com/index.php?title=ZimbraApache Retrieved from "http://wiki.zimbra.com/wiki/ZimbraApache" Category: Customizing ZCS Zimbra.com | Popular Searches | About Zimbra
5 de 7
08/05/12 12:21
http://wiki.zimbra.com/index.php?title=ZimbraApache
Learn
What is Zimbra? Benets Demos and Videos Industry Solutions Customers Case Studies Awards
Products
Zimbra Collaboration Server Zimbra Cloud and Virtualization Zimbra Open Source Zimbra Desktop Compare Products Pricing Whats New Downloads
Community
Forums Documentation Wiki Blog Gallery Submit Bug Release Status Developer Zone Contribute
Support
Zimbra Support Program Overview User Help Zimbra Customer Support Portal
6 de 7
08/05/12 12:21
http://wiki.zimbra.com/index.php?title=ZimbraApache
Partners
Zimbra Hosting Providers Zimbra VARs Zimbra Training Providers Resources For Partners
About
Careers News Events Webinars Media Contact Us Twitter LinkedIn Facebook
Email Software Email Hosting Zimbra Mail Server Email Archiving and Compliance Software
Calendar and Collaboration Microsoft Outlook Alternative Zimbra for BlackBerry & iPhone Secure Email & Anti Spam Unied Messaging
Zimbra is open source server software for email and collaboration - email, group calendar, contacts, instant messaging, le storage and web document management. The Zimbra email and calendar server is available for Linux, Mac OS X and virtualization platforms. Zimbra syncs to smartphones (iPhone, BlackBerry) and desktop clients like Outlook and Thunderbird. Zimbra also features archiving and discovery for compliance. Zimbra can be deployed on-premises or as a hosted email solution. Zimbra Desktop is a free email and calendar client which runs on any Windows, Apple or Linux desktop computer. It works online and oine and works with any POP or IMAP email account as well as Yahoo! Mail.
7 de 7
08/05/12 12:21