tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject SSL
Date Thu, 01 Jan 1970 00:00:00 GMT

I have some doubts about SSL. Eventhough I posted this mail in user forum, I 
couldn't get any reply. Hence I am posting this in developer forum.

I am now using apache web server with SSL already

that means I can connect to HTTP server using SSL:
or I can connect to HTTP server w/o SSL

I can make a request to servlet using SSL:
or I can make request to servelt w/o SSL

Will I get a secure connection between servlet & web
browser if I

- block all port that can access servlet engine(e.g.
TOMCAT) from internet (e.g. 80, 8080) except SSL port
- now web browser to apache web server connection is
- apache server to TOMCAT is not secure but only
apache can access TOMCAT , then it means
TOMCAT(servlet) is secure too??

If the above way is secure. how can I block access to
servlet through port 80? or block access to a
sepecific web application through port 80? which
means access is only granted through SSL port 443. (in
TOMCAT for example)

Since i need to send private info up from web browser
to servlet and make sure no one spy it. (
user/password for example )


Get your FREE download of MSN Explorer at

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message