1. Install Apache and Implement Reverse proxy in DMZ machine

Three important directives for configuring Apache in DMZ machine. (DBA should pro-vide this information to system administer)

ServerName receivables.yyyyyxxxxxx.com:443 (This will be our external url + the default port in which the https will listen)

ProxyPass / http://erpapps.yyyyyxxxxxx.com:10600/ ProxyPassReverse / http://erpapps.yyyyyxxxxxx.com:10600/

Note: Prior to this we have to get the digital certificate from verisign for the url we have chosen (i.e) receivables.yyyyyxxxxxx.com (Please provide this information to sys ad-min). Steps below:

Request the System administrator (Linux Admin) to generate CSR for the desire URL (receivables.yyyyyxxxxxx.com) in the machine (mmmmmvuam048) you want to host the Apache Service for iReceviables. (Sample csr – receivables.csr)

Verify the csr file using http://www.networking4all.com/en/support/tools/csr+check/ (Copy paste the csr file content provided by system administrator and validate the url – receviables.xxxxxx.com). Make sure you get receiv-ables.yyyyyxxxxxx.com

Send the generated CSR file to Deb / Latha to get VeriSign certificate Send the VeriSign certificate to Linux admin once received from VeriSign.

Apache Configuration:The system administrator should install Apache and configure the reverse proxy setup as mentioned by DBA. Sample configuration file of North America iReceivables attached

Firewall change request

Please submit firewall change request to the network team to allow 10600 (which is our web server port) from DMZ machine to internal Application Tier (erpapps)

Contact: Network team (Firewall / WAN team – Remedy ticket should be raised and assigned to WAN team)

DNS Names for external URL

Please make the external URL point to the right IP (Virtual IP - 192.85.240.81)External url: receivables.yyyyyxxxxxx.com IP Address - 192.85.240.81

Contact : Network (Firewall / WAN team – Remedy ticket should be raised and as-signed to WAN group)