tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Angel, Ronald J" <rjan...@switch.com>
Subject Apache Secure Server & Tomcat 4.0
Date Fri, 18 Jan 2002 17:05:28 GMT

I'm attempting to configure an Apache (apache-1.3.12-2) server 
running on RH6.2 (2.2-16.3) with Tomcat 4.0.1 to use SSL.

Also using JDK 1.3.1..

I read & re-read the 'SSL Config HOW-TO' from Apache's web-site.

I've also gone over the 'Building a Secure RedHat Apache Server HOW-TO'.

As per the SSL config doc, I've downloaded & installed the JSSE 1.0.2.
 (Basically, just move the 3 jar files to the appropriate directory,
correct?)
Created a certificate keystore file and placed in the home dir of the user
which starts Tomcat.  Finally I uncommented the SSL Connector line in
server.xml.

Currently, I don't even think Tomcat is part of the problem, since, I can't
event get to a test page.
>From IE5  https://myServer/~myuser fails with a 'Page cannot be displayed'
 error message. (Cannot find server or DNS Error)
However, http://myServer/~myuser works fine.

Further,  http://myServer:443/~myuser &  http://myServer:8443/~myuser  fail
with the same message as above.


Questions:
    1)  Some of the docs (incl. server.xml) appear to be using port 8443
         while port 443 seems to be the standard (/etc/services), which
         should be used?

     2)  Do both apache & tomcat have SSL provisions built in?  The RH
          Apache docs refer to installing mod_ssl or apache_ssl in addition
          to openssl.  I was told that Tomcat 4.0+ has them already. This
          confused me.  I thought 'Apache' took care of the 'httpd' portion,
          while 'Tomcat' supplied the 'java' apps (containers for our
servlets)
     
      3) Therefore, even if I'm using Tomcat 4.0, do I still need mod_ssl/ 
          apache_ssl plus open_ssl?

      4) Will Apache (httpd) just pass the the HTTPS requests along to
          Tomcat?

      5) Any SSL for Dummies sites out there?


Finally,
    I also have a firewall/proxy issue to deal with here, hopefully that
will be
    resolved next week when the server is moved onto our local network.
    I'm not sure exactly the firewall is preventing me from doing right now.
    Just too many variables to work with...

Once I get all this working I get to through CORBA into the mix.  Can't
wait.


ThankX all
Ron



--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message