tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stubenrauch,Andreas" <me...@erv.de>
Subject RE: RE: RE: SSL help need urgently.
Date Thu, 19 Oct 2000 09:57:21 GMT
How can you tell that SSL is working if you can't access resources in your
DocRoot? ;)

Usual Apache SSL-Configs use a different Virtual-Host for SSL-Requests and
therefor have a different DocRoot. Make sure you set your DocRoot in the
SSL-Part correct (and your tomcat mounts) Perhaps just duplicating the
ususal ones.

More in depth discussion on www.mod_ssl.org (if you are using this one)

Regards,
Andreas

> -----Original Message-----
> From: Simon Lam [mailto:simonlam@dhc.com.cn]
> Sent: Thursday, October 19, 2000 2:00 AM
> To: tomcat-user@jakarta.apache.org
> Subject: Re: RE: RE: SSL help need urgently.
> 
> 
> Dear Mike Bremford,
> 
> 	Thanks.
> 	I've installed Apache + SSL. When I tried to connect to 
> my site, SSL seemed to be working. But I can't access any 
> html in my "DocumentRoot" directory. I don't know what's 
> wrong. Where can I find some detailed documents for 
> configuring Apache-SSL. Even a sample httpd.conf will be 
> helpful. Thanks in advance.
> 
> At 2000-10-17 12:08:00 you wrote:
> >Hi Simon - here's the process which we're using, which 
> definately works with
> >3.2 and should with 3.1 as well.
> >
> >1. Browser connects to Apache via SSL.
> >
> >2. Apache decrypts and checks the request. If you've mapped 
> the request to
> >Tomcat, it forwards it on via mod_jserv or mod_jk. If not, 
> it loads the
> >requested file itself, encrypts and sends it back.
> >
> >3a.If you mapped it to tomcat using the Ajpv12 protocol (mod_jserv?
> >definately. mod_jk? possibly), Tomcat has no idea if the 
> request was made
> >via HTTP or HTTPS (i.e. isSecure and getScheme will always 
> return false and
> >HTTP. As a workaround you can check if it was on port 443)
> >
> >3b. If you used mod_jk and the Ajpv13 protocol, Tomcat knows 
> if the request
> >was secure or not, and handles redirections and the like correctly.
> >
> >4. Either way, tomcat runs the servlet or JSP and sends the 
> result back to
> >apache
> >
> >5. Apaache reads the result from tomcat, encrypts it and 
> sends it back to
> >the user.
> >
> >Hope that helps. I would have drawn pictures, but ASCII art 
> is not up to the
> >task.
> >
> >
> >Cheers... Mike
> >
> >PS. 3.2 final should be out soon, so you could always stall 
> your employers
> >for a few days....
> >
> >> -----Original Message-----
> >> From: Simon Lam [mailto:simonlam@dhc.com.cn]
> >> Sent: 17 October 2000 00:00
> >> To: tomcat-user@jakarta.apache.org
> >> Subject: Re: RE: SSL help need urgently.
> >>
> >>
> >> Dear Stubenrauch,Andreas,
> >>
> >> 	Thanks.
> >> 	I use Apache as http server and Tomcat as servlets/JSP
> >> container. Almost all my webpages are generated by
> >> servlets/JSP. So under this kind of condition, which one will
> >> handle my SSL request? Apache or Tomcat?
> >>
> >> At 2000-10-17 9:52:00 you wrote:
> >> >Yes you can, but it depends on what you want to do with SSL.
> >> If it is just
> >> >for securing the transmission you can take Apache+mod_ssl as
> >> front door and
> >> >mount tomcat (with mod_jk) behind it. If need to access the
> >> SSL-headers
> >> >(client-authentification, SSL-Session etc.) or even just
> >> want to know if its
> >> >SSL talking to your web-app you will need Tomcat 3.2
> >> >
> >> >Regards,
> >> >Andreas
> >> >
> >> >> -----Original Message-----
> >> >> From: Simon Lam [mailto:simonlam@dhc.com.cn]
> >> >> Sent: Tuesday, October 17, 2000 2:00 AM
> >> >> To: Tomcat User
> >> >> Subject: SSL help need urgently.
> >> >> Importance: High
> >> >>
> >> >>
> >> >> Hi,
> >> >> 	It seems that Tomcat 3.2 can support SSL. But our
> >> >> client requires us to use only release builds. So Tomcat 3.1
> >> >> is the choice currently. I wonder if Tomcat 3.1 can support
> >> >> SSL. Besides, Apache also supports SSL. Can I use Apache's
> >> >> SSL support instead of Tomcat's?
> >> >> 	Thanks in advance.
> >> >>
> >> >>
> >> >> Regards,                 Z
> >> >> Simon Lam               Z
> >> >>                        z
> >> >>                       z
> >> >>                  |||
> >> >>                m(_ _)m
> >> >> ----------------------------------------
> >> >> Simon Lam(Lin Yang) ICQ:33310990
> >> >> Email: simonlam@engineer.com
> >> >>        simonlam@sjtu.edu
> >> >>  ___ _                  _
> >> >> / __(_)_ __  ___ _ _   | |   __ _ _ __
> >> >> \__ \ | '  \/ _ \ ' \  | |__/ _` | '  \
> >> >> |___/_|_|_|_\___/_||_| |____\__,_|_|_|_|
> >> >> ----------------------------------------
> >> >>
> >>
> >>
> >> Regards,                 Z
> >> Simon Lam               Z
> >>                        z
> >>                       z
> >>                  |||
> >>                m(_ _)m
> >> ----------------------------------------
> >> Simon Lam(Lin Yang) ICQ:33310990
> >> Email: simonlam@engineer.com
> >>        simonlam@sjtu.edu
> >>  ___ _                  _
> >> / __(_)_ __  ___ _ _   | |   __ _ _ __
> >> \__ \ | '  \/ _ \ ' \  | |__/ _` | '  \
> >> |___/_|_|_|_\___/_||_| |____\__,_|_|_|_|
> >> ----------------------------------------
> >>
> >>
> 
> 
> Regards,                 Z 
> Simon Lam               Z
>                        z
>                       z
>                  ||| 
>                m(_ _)m
> ----------------------------------------
> Simon Lam(Lin Yang) ICQ:33310990
> Email: simonlam@engineer.com
>        simonlam@sjtu.edu
>  ___ _                  _
> / __(_)_ __  ___ _ _   | |   __ _ _ __
> \__ \ | '  \/ _ \ ' \  | |__/ _` | '  \
> |___/_|_|_|_\___/_||_| |____\__,_|_|_|_|
> ----------------------------------------
> 

Mime
View raw message