There are a few caveats that may not be obvious to everyone so I am going to cover them here but keep this in mind before starting.
Before starting install epel or you will be missing tesseract:
yum -y install epel-release
#1) When you specify your SSL certificate with a full path, it really needs to exist where you tell it to (including the default location of /etc/ssl/certs and /etc/ssl/c........
[root@thetor2017 conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers,
lowering MaxClients to 300. To increase........
Server Side Config
1.) First install nfs-utils
yum -y install nfs-utils
2.) Configure nfs share
Create a directory for your NFS share
mkdir /datastore
Create your NFS share in /etc/exports
echo "/datastore 10.220.101.0/24(rw,sync,no_root_squash)" >> /etc/exports
systemctl restart nfs........
So I have a domain "testdomain.com".
Inside test domain.com's root is the following .htaccess:
Options +FollowSymLinks -Indexes
ErrorDocument 403 /launch/index.html
Order Deny,Allow
Deny From All
Allow From 192.168.1.2
When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html
It will show the right error in /launch/........
Some of the cheaper or newer SSL suppliers will require this to work properly (otherwise you may be prompted that the cert is invalid when it's not the case but it will certainly scare off your users!).
In the Apache vhost conf for the domain here is what you add:
SSLCACertificateFile /path/to/your/cafile.pem
Here is a full example of an SSL Vhost config in Apache using a CA Certificate file
........
Stopping httpd: [ OK ]
Starting httpd: [Wed Jun 29 19:29:44 2016] [warn] _default_ VirtualHost overlap on port 80, the first has precedence
[Wed Jun 29 19:29:44 2016] [warn] _default_ VirtualHost overlap on........
vi /etc/httpd/conf.d/ssl.conf
Change the following from "Listen 443" to something like below
Listen 2243
Then find the SSLVirtual Host Context and edit like below (to your new listening port)
##
## SSL Virtual Host Context
##
........