tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Seyffer" <tom...@seyffer.de>
Subject Apache SSL + Tomcat question
Date Fri, 09 Nov 2001 22:48:05 GMT
Hi all,

Assuming that Apache and Tomcat (4.0.1 using mod_webapp) are running on a
single machine and Apache is correctly configured to provide content through
SSL/https.

If I'm now accesing a page like https://server/examples/ everything seems to
work just fine.

So just to be sure: is my assumption correct that all connections to the
server are now fully encrypted using https, and that just "localhost"
connections from the apache to tomcat through mod_webapp are unencrypted?
(which is probably not really sensitive, if both are located on a single
host and unless you do not assume someone is able to install a sniffer your
server...) So I don't have to care about configuring Tomcat itself for SSL,
right?

I've already been sniffing on the net for myself, but there is quite some
traffic, and well... just to be sure to hear some comments on this... :)

Greetings,
Daniel






--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message