Keep your browser updated

Financial and Health industries are notorious for being slow to adopt better technology and instead cling to inferior hardware/software beyond the logical pain point, web browsers included. As a general philosophy I recommend it would be healthy for these industries to adopt the policy that web browsers be kept updated and applications used by the company be maintained to work correctly with modern browsers.

Here are three good reasons to keep browsers updated:

First, old browsers (and the OS they run on) are vulnerable to attacks.

Second, the web evolves quickly. Old browsers will miss out.

Third, old browsers slow down innovation on the web.

I worked with a previous client who insisted on a dynamic Web 2.0 look to the complex web application I was designing but also demanded compatibility with IE7. Delivering on both of these requirements (latest Internet bells and whistles, like mobile browser compatibility and AJAX, as well as backward compatibility with older browser versions) increases the difficulty level and cost of the site development considerably for a number of reasons:

• First you have to test on these older browser versions in addition to testing on the common browsers, which increases the development time. It is not just twice the work, because you have to worry about supporting all browsers with a single application, making a single change requires testing all browsers to make sure fixing an issue in one browser does not break something in another.
• Next you have to pare down features and functionality so that it works consistently everywhere, so you might have had a nice dynamic form element or navigation control working in IE9 and FireFox 4, but it all gets tossed out when it cannot work in IE7 (see holding up innovation reason given above).
• Also, for some "must have" site features or functionality: developers will usually have to code around older browser version quirks, so instead of writing code in one place to perform a task, it is written one place or one way for modern browsers and another place or another way for older browsers (see slowing down the web). This causes a code maintenance issue as you now have multiple places to check to fix problems or update code for a single feature or site behavior. This is a problem for HTML, CSS, and Javascript as all three can behave differently on different browsers.
• Yet another problem that can arise is your Javascript/CSS performance can vary widely in different browser flavors and versions, for example IE7 Javascript benchmarks are miserably slow when compared with more recent versions of IE and other browsers like FireFox or Chrome. This can cause problems where failing to test on the required browser versions can really bite you.
• If a performance issue (or any browser version issue) is found late in the development cycle, either because the testing was not done along side development in that version or because developers only used modern browsers for their self verification and validation of the application, then the time needed to fix the entire problem is much larger and more difficult than if it had been caught earlier because much more code is in place to review and repair and test.

99% of businesses do not have the resources to provide application support on dozens of browsers versions, it is less expensive to support the current browsers than to support historical ones. Developers are much happier working with current tech than outdated tech as well. Your clients may not want to upgrade their browsers, they may ‘need’ the old browser to access a neglected internal application which only works with a specific legacy browser, but clients refusing to update their software and maintain their web applications are hurting themselves (and you) in several ways:

1. old software makes their business less competitive (faster browsers/computers make a more efficient workforce);
2. old/inferior software has high hidden costs (performance issues, functional issues, security vulnerabilities, feature limitations, and incompatibilities with emerging technologies);
3. outsourced development vendors always find doing business with clients clinging to old software is more expensive and they increase their bids accordingly (I saw this first hand many times working as a consultant);
4. some development vendors even flat out refuse business which requires older browser compatibility as a policy / business strategy. This allows their developers freedom to ignore issues only present in older browsers and they can therefore innovate more efficiently.

Newer IE browsers can run in a legacy mode, emulating the previous versions, for those rare cases where a legacy browser mode is needed to use a web site. You can even set preferences for specific sites such that certain sites always use a compatibility mode. The barrier to upgrading to a new browser is mostly self-inflicted because browser creators do everything possible to encourage adoption of the newer version.

How do I test my web application against IE6 and IE7 in Windows 7?

How do I test my web application against IE6 and IE7 and IE8 and IE9 in Windows 7?

Problem: Windows 7 comes with IE8 or IE9 or IE10 (and does not have a path back to use IE6 or IE7, (and don't patronize me with browser emulation solutions, they all suck.) Microsoft has sunsetted support for IE6 and IE7 is getting closer to being out of support as well.

Solution:

Go here http://www.microsoft.com/windows/virtual-pc/download.aspx

1. Download the 500 MB Windows XP Mode VHD installer.
2. Run the installer.
3. Download Virtual PC if you lack this.
4. Test with IE6 bundled in the vhd.
5. Make a second vhd and upgrade to IE7 within the Virtual PC VM.*
6. Rinse and repeat for IE8, IE9
7. If you are doing local web development, install the Microsoft Loopback adapter on your host OS.
8. You now have the ability to test your site in native IE6 and IE7 and IE8, IE9, and IE10.
   
   

Other tools exist to emulate or simulate IE6 and IE7 web rendering, but they will always fall short of the mark and open you to risks if they fail to display your site *exactly* the way it displays in the native browser and I recommend that they should not be used for any project where you can use a VM instead.

*For this step there are some special tricks to it. After making a copy of your IE6 vhd file, you need to change it's hardware signature to avoid conflicts with running it in parallel with your IE6 VM.

Windows 7 comes with a command line utility called diskpart that can let you view and change the disk signature.

Open a command prompt as administrator. To do this in Windows 7, click the Windows start menu (the round Windows icon on the left bottom corner), type "cmd" (without the quotes), right click the "cmd.exe" item that appears at the top of your menu, and click the line "Run as administrator". Do this even if you are already logged in as administrator, since on Windows 7, administrators run with reduced rights by default.

A black command prompt window will open. In Windows 7, the title bar of the window will tell you that you are running it as Administrator. If it does not, it means you did not do what I just said above. Return and follow the first step, or you will not be able to successfully carry out the rest of this tutorial.

Type "diskpart" (without the quotes) into the window. (Note: for this and the other commands described here, you'll have to hit the ENTER key after you finish typing your commands for them to take effect.)

Microsoft DiskPart will start. When it is ready, it will issue a "DISKPART>" prompt, allowing you to enter your commands.

Type "list disk" (without the quotes). This will list all the disks that are currently mounted (connected to the system). The disk will not have the usual names and labels that you're accustomed to from the Windows Explorer interface, so you will have to recognize them by their sizes.

Note that "list disk" actually lists the physical disks, and not the partitions that you may have assigned drive letters. This means that if you have 2 physical disks, with 3 partitions on each, so that you have drives C:, D:, E:, F:, G: and H:, "list disk" will only show "Disk 0" and "Disk 1".

To view the signature of a disk, you must first select it. To select a disk, type "select disk x" (without the quotes) where x is the number of the disk from your "list disk" display. When you type (say) "select disk 1", DiskPart will respond by telling you "Disk 1 is now the selected disk".

Now type "uniqueid disk" (again, without the quotes). DiskPart will respond with the disk's signature, a series of hexadecimal digits (or at least I think it's hexadecimal).

To change the signature to some other number, type "uniqueid disk ID=[NEW SIGNATURE]" (without the quotes) where "[NEW SIGNATURE]" stands for the new identifier you want for the disk (without the square brackets and without the quotes). However, before you do that, you may want to type "help uniqueid disk", which will give you more information on how the command works. You may also want to find out the disk signatures of your other disks on your system before you modify your current one so that you don't cause a new signature collision in trying to solve your current problem. In addition, if you're really not sure how many digits you should give your disk, perhaps try changing only one digit of the current signature (eg, increasing or decreasing it by 1). Remember my disclaimer above: I really don't know what I'm talking about here: do it at your own risk.

To quit DiskPart, type "exit". Incidentally, in case you get lost while running DiskPart, when you are at the "DISKPART>" prompt, you can type "help" to get a list of commands. Typing "help" followed by the command typically gives you more info about that command.

Once you've quit DiskPart, type "exit" again to quit the Administrator Command Prompt

(source: http://www.howtohaven.com/system/change-disk-signature.shtml)

Setting up command line Apache Xalan XSLT processor

You need to put the Xalan jars in the System classpath, create or edit the environment variable called CLASSPATH, set it with a value like this

CLASSPATH=C:\Projects\Java\Runtime\lib\xalan.jar;C:\Projects\Java\Runtime\lib\xml-apis.jar;C:\Projects\Java\Runtime\lib\serializer-2.7.0.jar;

Ultimately you need three JARs on the classpath:

• xalan.jar
• xml-apis.jar
• serializer-#.#.#.jar

You cannot take a shortcut and just specify a folder containing these jars, you must give java the full path to them. For a permanent solution put the three jars in the \lib\endorsed directory, then the classpath will always have them.

You should already have a JRE or JDK in the system PATH as well:

set PATH=C:\SDKs\jdk1.6.0_18\bin;%PATH%

With that in place you can transform XML using XSLT on the command line with the Xalan parser like this:

java org.apache.xalan.xslt.Process -out output.out -in input.xml -xsl transform.xslt

Where

output.out is the file to create,

input.xml is the input xml file to transform, and

transform.xslt is the XSLT XML file to transform the input xml file with.

This is handy because you can also give the JVM 2GB of heap memory like this to process large input files:

java -Xms2g -Xmx2g org.apache.xalan.xslt.Process -out output.out -in input.xml -xsl transform.xslt

If you are runnng into out of memory heap space errors parsing XML with XSLT, this is a good way to get past that problem. If you cannot get further beyond your out of memory errors, then look at breaking apart the XML with Java or Perl somehow before transforming it with XSLT. You might even be able to use 64-bit JVM to address a huge amount of memory much larger than you probably have available in the physical machine.

How to change the Java heap size for WebSphere Application Server 6.1 profiles

How to change the Java heap size for WebSphere Application Server 6.1 profiles

Open the integrated solutions console
https://:9044/ibm/console/
Default login is
system:manager

Navigate to the JVM for the server profile you want to change

Application servers > server1 > Process Definition > Java Virtual Machine
Change these values
Initial Heap Size=512
Maximum Heap Size=512
These correspond to the Xms and Xmx params of the JVM. So make sure you do not set Max lower than Initial, nor set Max higher than available OS RAM. I am not sure if adding a K,M,or G to the number will work, it seems by default the numbers are considered MB. Be aware that your JVM is 32 bit so there is a mathematical limit (and practical limit) to how much memory it can address. 3800 MB is where you will likely top out for max heap space unless your OS limits you to 2GB, which puts your heap max down to 1600MB.

You will have to restart the WAS server profile instance to have this change take effect on the JVM.

Increase the memory for MyEclipse Blue IDE

1. Open this file:
C:\Program Files\Genuitec\MyEclipse Blue Edition 8.0 GA\myeclipse-blue.ini

2. Edit lines so it looks like this at the bottom:

-Xms1024m
-Xmx1024m

This will give you 1GB ram for MyEclipse Blue.

My complete ini file looks like this:

-install
C:/Program Files/Genuitec/MyEclipse Blue Edition 8.0 GA
-vm
C:/Program Files/Genuitec/Common/binary/com.sun.java.jdk.win32.x86_1.6.0.013/jre/bin/client/jvm.dll
-startup
../Common/plugins/org.eclipse.equinox.launcher_1.0.201.R35x_v20090715.jar
--launcher.library
../Common/plugins/org.eclipse.equinox.launcher.win32.win32.x86_1.0.200.v20090519
-vmargs
-Xms1024m
-Xmx1024m
-XX:MaxPermSize=256m
-XX:ReservedCodeCacheSize=64m

Adding a datasource to the maven jetty plugin

In your pom.xml

           <plugin>
               <groupId>org.mortbay.jetty</groupId>
               <artifactId>maven-jetty-plugin</artifactId>
               <version>6.1.21</version>
               <configuration>
                    <!-- <jettyConfig>src/main/resources/devJetty.xml</jettyConfig>  -->
                    <webXml>${basedir}/src/main/resources/jetty-web.xml</webXml>
                    <jettyEnvXml>${basedir}/src/main/resources/jetty-env.xml</jettyEnvXml>
                   <contextPath>/OCM</contextPath>
                   <scanIntervalSeconds>3</scanIntervalSeconds>
                   <scanTargetPatterns>
                       <scanTargetPattern>
                           <directory>src/main/webapp/WEB-INF</directory>
                           <excludes>
                               <exclude>**/*.jsp</exclude>
                           </excludes>
                           <includes>
                               <include>**/*.properties</include>
                               <include>**/*.xml</include>
                           </includes>
                       </scanTargetPattern>
                   </scanTargetPatterns>
                   <stopKey>foo</stopKey>
                   <stopPort>9966</stopPort>
               </configuration>
           </plugin>
Key lines are
                    <webXml>${basedir}/src/main/resources/jetty-web.xml</webXml>
                    <jettyEnvXml>${basedir}/src/main/resources/jetty-env.xml</jettyEnvXml>

Define your jetty-env.xml like this:

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC -//Mort Bay Consulting//DTD Configure//EN http://jetty.mortbay.org/configure.dtd>

<Configure class="org.mortbay.jetty.webapp.WebAppContext">

 <!-- an XADataSource                                                -->
 <New id="MAVENJETTYDS" class="org.mortbay.jetty.plus.naming.Resource">
   <Arg></Arg>
   <Arg>jdbc/datasource</Arg>
   <Arg>
         <New class="org.apache.commons.dbcp.BasicDataSource">
                     <Set name="driverClassName">[[jdbc driver class]]</Set> <!-- for example, com.ibm.db2.jcc.DB2Driver -->
                     <Set name="url">[[jdbc url]]</Set> <!-- for example, jdbc:db2://yourdbhostnameorip:[port]/yourdb -->
                     <Set name="username">[[username]]</Set><!-- for example, yourmom -->
                      <Set name="password">[[password]]</Set><!-- for example, correcthorsebatterystaple -->
                     <Set name="defaultCatalog">[[schema, if needed]]</Set>
         </New>
   </Arg>
  </New>
</Configure>

Then add the ref to your web.xml

<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" id="WebApp_1270163143862">
<pre>
   <!-- SNIP -->

<!-- Bug fix for editing locked CSS and JS running in Jetty -->
<servlet>
   <servlet-name>default</servlet-name>
   <servlet-class>org.mortbay.jetty.servlet.DefaultServlet</servlet-class>
   <init-param>
     <param-name>useFileMappedBuffer</param-name>
     <param-value>false</param-value>
   </init-param>
   <load-on-startup>0</load-on-startup>
</servlet>

       <resource-ref>
         <res-ref-name>jdbc/datasource</res-ref-name>
         <res-type>javax.sql.DataSource</res-type>
         <res-auth>Container</res-auth>
    </resource-ref>

</web-app>

Understanding Maven dependency scope

You can specify the scope for a dependency in the maven pom file, here are the scope values you can choose and what effect they have:

• compile: This dependency is needed for compilation of the main source
• test: This dependency is needed for compiling and running tests. It is not needed for compiling the main source or running the final artifact.
• runtime: This dependency is needed for running the final artifact. It is not needed for compiling the main source or compiling or running the tests.
• provided: This dependency is needed for compiling and/or running the artifact but is not necessary to include in the package, because it is provided by the runtime environment - for example, jsp-api.jar is provided by your web application container, so you don't include it in your WEB-INF/lib (for the example of a webapp); or a plugin or optional package that is a prerequisite for your application, but is not bundled with your application.
• system: don't use this one

source: http://docs.codehaus.org/display/MAVENUSER/Dependency+Scopes

JSP debug code

The following can be pasted into a JSP and then used to display (either in HTML source or in the browser window), the JSP Request, Session, Page, and Application settings for the environment and container the JSP is running within.

I have found this to be a quick useful way to get the lay of the land, when joining a project already in development.

<!-- 
 <%@ page import="java.util.*"%>
 <%
  Object eobj = request.getParameter("error");
  if (eobj != null) {
   Exception exception = null;
   Object obj = request.getAttribute("exception");
   if (obj != null && obj instanceof Exception) {
    exception = (Exception) obj;
   }
   if (exception == null) {
    obj = request.getAttribute("javax.servlet.error.exception");
    if (obj != null && obj instanceof Exception) {
     exception = (Exception) obj;
    }
   }
   if (exception != null) {
 %><pre>
  <%
   exception.printStackTrace(new java.io.PrintWriter(out));
  %>
 </pre>
 <%
  }
  }
  out.println("<h3>Request:</h3><ul>");
  Enumeration names = request.getHeaderNames();
  while (names.hasMoreElements()) {
   String name = (String) names.nextElement();
   out.println("<li>HEADER " + name + ": "
     + request.getHeader(name));
  }

  for (Enumeration e = request.getParameterNames(); e
    .hasMoreElements();) {
   String name = (String) e.nextElement();
   out.println("<li>PARAM " + name + "="
     + request.getParameter(name) + "</li>");
  }

  for (Enumeration e = request.getAttributeNames(); e
    .hasMoreElements();) {
   String name = (String) e.nextElement();
   out.println("<li>ATTRIB " + name + "="
     + request.getAttribute(name) + "</li>");
  }
  out.println("</ul><h3>Session:</h3><ul>");
  for (Enumeration e = session.getAttributeNames(); e
    .hasMoreElements();) {
   String name = (String) e.nextElement();
   out.println("<li>ATTRIB " + name + "="
     + session.getAttribute(name) + "</li>");
  }
  out.println("</ul><h3>Page Scope Attributes:</h3><ul>");
  for (Enumeration e = pageContext
    .getAttributeNamesInScope(pageContext.PAGE_SCOPE); e
    .hasMoreElements();) {
   String name = (String) e.nextElement();
   out.println("<li>ATTRIB "
     + name
     + "="
     + pageContext
       .getAttribute(name, pageContext.PAGE_SCOPE)
     + "</li>");
  }
  out.println("</ul><h3>Application Scope Attributes:</h3><ul>");
  for (Enumeration e = pageContext
    .getAttributeNamesInScope(pageContext.APPLICATION_SCOPE); e
    .hasMoreElements();) {
   String name = (String) e.nextElement();
   if (name.equals("com.sun.jsp.taglibraryCache")) {
    out.print("<li>ATTRIB " + name
      + "= <b>NULL POINTER!</b></li>");
    continue;
   }
   out.print("<li>ATTRIB " + name + "=");
   out.println(pageContext.getAttribute(name,
     pageContext.APPLICATION_SCOPE)
     + "</li>");
  }
  out.println("</ul>");
 %>
 -->

JSP for DataSource Connection Pool testing

If you need to test a datasource here is a JSP that will help you do it.

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
   pageEncoding="ISO-8859-1"%>
<%@ page import="java.sql.*,javax.naming.*,javax.sql.*" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Test Data Source</title>
</head>
<body>
<h1>Test Data Source</h1>
<p>Hello</p>
<%
    DataSource ds = null;
    Connection con = null;
    Statement stmnt = null;
    ResultSet resultSet = null;
   try {
       InitialContext ctx = new InitialContext();
       ds = (DataSource)ctx.lookup("java:comp/env/jdbc/DataSource");
       con = ds.getConnection();
    stmnt = con.createStatement();
    resultSet = stmnt.executeQuery("select * from PERSON");
    if (resultSet != null) {
        %><table><tr><%
       ResultSetMetaData resultSetMetaData = resultSet.getMetaData();
       int nOfColumns = resultSetMetaData.getColumnCount();
       for(int j = 0; j<nOfColumns; j++) {
           String columnLabel = resultSetMetaData.getColumnLabel(j+1);
           %><th><%=columnLabel %></th><%
       }
       %></tr><%
       if (resultSet.getType() != ResultSet.TYPE_FORWARD_ONLY) {
           resultSet.beforeFirst();
       }
       while (resultSet.next()) {
                %><tr><%
               for (int i = 1; i <= nOfColumns; ++i) {
                        %><td><%
                       Object  value = resultSet.getObject(i);
                       if (resultSet.wasNull()) {
                           %><b>null</b><%
                       } else {
                           %><%=value.toString() %><%
                       }
                       %></td><%
               }
               %></tr><%
       }
       %></table><%
    }
   } catch(NamingException e) {
       throw e;
   } catch(SQLException e) {
       throw e;
   } finally {
      try {
        if (resultSet != null) {
          resultSet.close();
        }
      } catch (SQLException e) {
      }
      resultSet = null;
      try {
        if (stmnt != null) {
          stmnt.close();
        }
      } catch (SQLException e) {
      }
      stmnt = null;
      try {
        if (con != null) {
          con.close();
        }
      } catch (SQLException e) {
      }
      con = null;
      ds = null;
   }
%>
</body>
</html>

Just change

java:comp/env/jdbc/DataSource

To what the name of your DataSource connection pool is.

Then change

select * from PERSON

To a test query from this table:

Cloudscape	#SQL SELECT 1
#DB2	#SQL SELECT COUNT(*) FROM SYSIBM.SYSTABLES
#Informix	#SQL SELECT COUNT(*) FROM SYSTABLES
#Microsoft SQL Server	#SQL SELECT COUNT(*) FROM SYSOBJECTS
#MySQL	#SQL SELECT 1
#Oracle	#SQL SELECT 1 FROM DUAL
#PointBase	#SQL SELECT COUNT(*) FROM SYSTABLES
#PostgreSQL	#SQL SELECT 1
#Progress	#SQL SELECT COUNT(*) FROM SYSTABLES
#Sybase	#SQL SELECT COUNT(*) FROM SYSOBJECTS

Do not use this code to interact with a datasource, this should only be used for figuring out what the name of a datasource you created in the J2ee container is and that it is working.

Database test SQL for each vendor

When I setup a connection pool or database tool with a new database profile I like to test that it works, here are some vendor specific SQL you can use to test your db connection.

Cloudscape	#SQL SELECT 1
#DB2	#SQL SELECT COUNT(*) FROM SYSIBM.SYSTABLES
#Informix	#SQL SELECT COUNT(*) FROM SYSTABLES
#Microsoft SQL Server	#SQL SELECT COUNT(*) FROM SYSOBJECTS
#MySQL	#SQL SELECT 1
#Oracle	#SQL SELECT 1 FROM DUAL
#PointBase	#SQL SELECT COUNT(*) FROM SYSTABLES
#PostgreSQL	#SQL SELECT 1
#Progress	#SQL SELECT COUNT(*) FROM SYSTABLES
#Sybase	#SQL SELECT COUNT(*) FROM SYSOBJECTS

This is useful because you don't often know what tables exist in a database to test a query with, you can't assume select * from person would work if no person table was created. These queries are for the builtin system database resource in the specific vendor database types, they should exist even on a freshly installed or blank database server.

How do I setup SSL for my apache web server?

Here is what I did to setup SSL for an apache web server on my local 64 bit Windows 7 box.

Download Apache2 with SSL module.

Install it here C:\Program Files (x86)\Apache Software Foundation\Apache2.2

Create an APACHE_HOME environment variable, from now on this is APACHE_HOME=C:\Program Files (x86)\Apache Software Foundation\Apache2.2

Add %APACHE_HOME%\bin to the path

Make a link to fix a bug with 64-bit Windows:

mklink /D %USERPROFILE%\apache "C:\Program Files (x86)\Apache Software Foundation\Apache2.2\"

Next I did the following:

cd %APACHE_HOME%\bin   openssl req -config "%APACHE_HOME%\conf\openssl.cnf" -new -out "%USERPROFILE%\cg.csr" -keyout "%USERPROFILE%\cg.pem" 

Loading 'screen' into random state - done  Generating a 1024 bit RSA private key .. ++++++ ...................++++++ writing new private key to  'C:\Documents and Settings\Administrator\cg.pem'  Enter PEM pass phrase:  Verifying - Enter PEM pass phrase:  -----  You are about to be asked to enter information that will be  incorporated into your certificate request. What you are about to  enter is what is called a Distinguished Name or a DN. There are  quite a few fields but you can leave some blank For some fields  there will be a default value, If you enter '.', the field will be  left blank.  -----  Country Name (2 letter code) [AU]:US  State or Province Name (full name) [Some-State]:Utah  Locality Name (eg, city) []:Orem  Organization Name (eg, company) [Internet Widgits Pty Ltd]:CG, LLC  Organizational Unit Name (eg, section) []:Engineering  Common Name (eg, YOUR name) []:   Email Address []:   Please enter the following 'extra' attributes to be sent with your  certificate request A challenge password []:  An optional company name []: 

for the "YOUR" name parameter openssl asks for (domain name) I used my machine's network name. (this is important because your HTTPS urls will check for the domain name in the browser request.

Next I did this to create a key file:

openssl rsa -in "%USERPROFILE%\cg.pem" -out "%USERPROFILE%\cg.key" 

Enter pass phrase for C:\Documents and Settings\Administrator\cg.pem: writing RSA key 

Next I ran this to create a certificate file:

openssl x509 -in "%USERPROFILE%\cg.csr" -out "%USERPROFILE%\cg.cert" -req -signkey "%USERPROFILE%\cg.key" -days 365 

Loading 'screen' into random state - done  Signature ok subject=/C=US/ST=Utah/L=Orem/O=CG, LLC/OU=Engineering/CN=cg.com Getting Private key 

The %USERPROFILE%\cg.key and %USERPROFILE%\cg.cert are used by apache for encrypting data over HTTPS. I copied them into %APACHE_HOME%\conf:

copy "%USERPROFILE%\cg.key" "%APACHE_HOME%\conf"  copy "%USERPROFILE%\cg.cert" "%APACHE_HOME%\conf" 

*The excessive use of quotations(") is to account for pesky directory names with spaces fouling up the command line.

Now it is time to configure apache to enable SSL, and configure apache with your generated SSL key and certificate:

uncommment these lines in %APACHE_HOME%\conf\httpd.conf

..  LoadModule ssl_module modules/mod_ssl.so  ...  Include conf/extra/httpd-ssl.conf  ... 

Replace localhost with your fully qualified domain name or IP address in httpd.conf and extra/http-ssl.conf

ServerName cg.com:80 

Edit the extra/httpd-ssl.conf file and fix the Windows 7 bug using the soft link created earlier:

change this  SSLSessionCache        "shmcb:C:/Program Files (x86)/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"   to this  #SSLSessionCache        "shmcb:C:/Program Files (x86)/Apache Software Foundation/Apache2.2/logs/ssl_scache(512000)"  SSLSessionCache        "shmcb:%USERPROFILE%/apache/logs/ssl_scache(512000)" 

because the (x86) in the path confuses apache !

Check that this is set and uncommented:

SSLEngine on 

Also change these values:

SSLCertificateFile "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/cg.cert"  SSLCertificateKeyFile "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/cg.key" 

Restart apache and you should be able to use https urls.

If you don't have mklink, use junction from here http://technet.microsoft.com/en-us/sysinternals/bb896768

junction "%USERPROFILE%\apache" "C:\Program Files (x86)\Apache Software Foundation\Apache2.2\"

Or make sure to change the default folder you install Apache HTTPD to one which does not contain parenthesis, I use a set of folders

C:\Apps\

C:\Tools\ as folders to install most software and avoid Program Files and Program Files (x86) default locations for this reason.

For setting up Request Forwarding (Apache as a Proxy server)

Uncomment this in httpd.conf:

LoadModule rewrite_module modules/mod_rewrite.so 

Turn off ProxyRequests (apparently the Internet will asplode if you leave it on):

ProxyRequests off

For each path you want to proxy with Apache do this:

ProxyPass ProxyPassReverse /          SetOutputFilter  proxy-html          RequestHeader    unset  Accept-Encoding  

For example, if I want to pass all requests made to the Apache web server on /CG root path to a WebSphere J2EE application server running at http://cg.com:9080/CG, then I would create this:

ProxyPass /CG http://cg.com:9080/CG  ProxyPassReverse /CG http://cg.com:9080/CG ProxyPassReverse /          SetOutputFilter  proxy-html          RequestHeader    unset  Accept-Encoding 

You may also need to uncomment these lines in httpd.conf to get some of the proxy configuration to work:

LoadModule proxy_module modules/mod_proxy.so

LoadModule headers_module modules/mod_headers.so

LoadModule proxy_module modules/mod_proxy.so

Use this command to restart apache whenever changing the httpd.conf:

httpd.exe -k restart

Also to force HTTPS for a proxy path using Apache Rewrite:

First turn on mod_rewrite in httpd.conf:

LoadModule rewrite_module modules/mod_rewrite.so 

Change your location that you want to force HTTPS to this

ProxyPassReverse /          SetOutputFilter  proxy-html          RequestHeader    unset  Accept-Encoding       RewriteEngine On      RewriteCond %{HTTPS} off       RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} 

Conditional Request Headers

I need to have a redirected request from a login service which sets a response cookie for successful login, add a special header value to the request:

httpd.conf needed this:

SetEnvIf Cookie "x_ldap_userdata=([^;]+)" USERDATA=$1  SetEnvIf Cookie "x_ldap_userdata=([^;]+)" HAVE_USERDATA=1  RequestHeader append LDAP-Username "%{USERDATA}e" env=HAVE_USERDATA

Now the string

LDAP-Username:username 

will be added to the header of requests when a cookie for a similar domain and path named x_ldap_userdata has been set in the browser by the login service.

The browser is dumb and just follows the redirect but cannot be told to put a header value in the request, you must add these changes to the httpd.conf to modify the request to include a special authentication header value.

Clear as mud?

I used these links to download apache 2 with ssl and also openssl:

http://downloads.sourceforge.net/gnuwin32/openssl-0.9.8h-1-setup.exe

http://apache.osuosl.org//httpd/binaries/win32/httpd-2.2.17-win32-x86-openssl-0.9.8o.msi