tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joseph Molnar" <josephmol...@hotmail.com>
Subject Re: Tomcat, webapp, SSL, and index files?
Date Wed, 03 Apr 2002 09:31:59 GMT
> >> there is actually a setting where you can force it to say
> >> 'https'.
>
> What is this setting?

Hmm, so far it isn't working (just tried it now). I had presumed that you
could set the scheme attribute in the connector to "https" and have secure
set to false...didn't work that way in my first test anyhow.

I do, however ,have the examples operational by basically using the
instructions listed in the server.xml. I have the connector working on port
8008 and Apache now setup to take SSL and then forward to the examples. The
harder part was the Apache certificate setup :).

Here is what I did:

In the server.xml I just changed the connector for WARP (at the bottom of
the file and already there for use) by putting in scheme="https" (again this
didn't appear to do a thing in terms of request.getScheme()).

In Apache you put this (I put it globally):

-----

LoadModule webapp_module      libexec/mod_webapp.so
AddModule  mod_webapp.c

-----

Then I have the virtual host for the ssl location:

-------

<VirtualHost 192.168.120.91:443>

    #  General setup for the virtual host
    ServerName www.myservername.com
    ServerAdmin myadmin@myservername.com

    DocumentRoot "/httpd/www/intranet/site"

    #   SSL Engine Switch:
    #   Enable/Disable SSL for this virtual host.
    SSLEngine on

    #   SSL Cipher Suite:
    #   List the ciphers that the client is permitted to negotiate.
    #   See the mod_ssl documentation for a complete list.
    SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    #   Server Certificate:
    SSLCertificateFile /httpd/conf/ssl.crt/server.crt

    #   Server Private Key:
    SSLCertificateKeyFile /httpd/conf/ssl.key/server1.key

    #   SSL Engine Options:
    <Files ~ "\.(shtml)$">
        SSLOptions +StdEnvVars
    </Files>

    #   SSL Protocol Adjustments:
    SetEnvIf User-Agent ".*MSIE.*" \
             nokeepalive ssl-unclean-shutdown \
             downgrade-1.0 force-response-1.0

    #
    # Tomcat WARP connector
    #
    WebAppConnection conn      warp  localhost:8008
    WebAppDeploy     examples  conn  /examples
    WebAppInfo /webapp-info


    <Directory /httpd/www/intranet/site>
        Options FollowSymLinks

        AllowOverride AuthConfig

        order allow,deny
        allow from all
    </Directory>

</VirtualHost>
-------

So running the sample JSP (which dumps request info), the following results
come out (I added showing the request type, as you can see it does say
'http', not 'https') :

-------
Request Information
JSP Request Method: GET
Request URI: /examples/jsp/snp/snoop.jsp
Request Protocol: HTTP/1.1
Servlet path: /jsp/snp/snoop.jsp
Path info: null
Path translated: null
Query string: test=a
Content length: -1
Content type: null
Server name: www.myservername.com
Server port: 443
Remote user: null
Remote address: 192.168.110.66
Remote host:
Authorization scheme: null
HTTP Scheme: http
Locale: en_US
-----------

So it is showing that communication 'appears' to come across 443, not 8008.
If nothing else you can use that to check. I am sure there is a way, but I
just got this up tonight and I should head until the morning. I will start
digging back at it tomorrow.  Until then...


----------------------------------------
Joseph Molnar
http://www.codesta.com/


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message