tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Turner, John" <JTur...@AAS.com>
Subject RE: SSL Connection Tomcat and Apache
Date Tue, 13 Aug 2002 15:49:25 GMT

Thanks for your post with the configuration in it...SSL between apache and
tomcat is something I have been wanting to research for awhile now, and your
info will make it easier to do that.

That said, I'm curious to know how you are verifying that SSL is working
between apache and tomcat on different machines.  How do you know the
datastream is truly encrypted?  I'm not questioning your setup, I'm asking
how I will know the same thing for sure once I set it up myself.  Having SSL
setup on both machines is no guarantee that the datastream is encrypted. 

John Turner
jturner@NOSPAM.aas.com

-----Original Message-----
From: Pooleery, Manoj [mailto:Pooleery@Synygy.com]
Sent: Tuesday, August 13, 2002 11:27 AM
To: 'Tomcat Users List'
Subject: RE: SSL Connection Tomcat and Apache


i have it working on different machines.  Tomcat on one machine and apache
on another.  SSL will work irrespective of the machines, as long as both of
the machines can see each other.(i mean on the same network).

-----Original Message-----
From: Wills, Mike N. (TC) [mailto:MNWills@taylorcorp.com]
Sent: Monday, August 12, 2002 4:38 PM
To: 'Tomcat Users List'
Subject: RE: SSL Connection Tomcat and Apache


What about the transmittions between Apache and Tomcat? I realize if they
are on the same machine it isn't a problem, but what about if it is on a
different machine? 

This is all for the intranet.

-----Original Message-----
From: Pooleery, Manoj [mailto:Pooleery@Synygy.com]
Sent: Monday, August 12, 2002 3:33 PM
To: 'Tomcat Users List'
Subject: RE: SSL Connection Tomcat and Apache


In the httpd.conf file of apache, you can implement the virtual host
directive for SSL.  The port used is 443.  You have to have an entry like
this - 

##
## SSL Virtual Host Context
##

<VirtualHost <server_name>:443>

	#  General setup for the virtual host
	DocumentRoot "C:/Apache/htdocs"
	ServerName <server_name>
	ServerAdmin webmaster@localhost
	ErrorLog logs/ssl/error.log
	TransferLog logs/ssl/access.log

	SSLCertificateFile "<certificate_location>/<certificate_name>"
	SSLCertificateKeyFile "<certificate_key_location>/<certificate_key>"
</VirtualHost>                                  

you have to generate a CSR file(instructions for creating a CSR can be found
at http://www.verisign.com/support/csr/apache/v01.html).  Once you create a
CSR, you can send it to any of the certificate issuing authorities(verisign,
thawte etc) and once you get a certificate, you make the above changes in
the httpd.conf.

Thanks
Manoj.

-----Original Message-----
From: Wills, Mike N. (TC) [mailto:MNWills@taylorcorp.com]
Sent: Monday, August 12, 2002 4:21 PM
To: 'tomcat-user@jakarta.apache.org'
Subject: SSL Connection Tomcat and Apache


I have Apache and Tomcat working together, but now I am curious on security.
How I do implement SSL on that connection?

Mike Wills
IT Corporate Support
Taylor Corporation
mnwills@taylorcorp.com
Phone: (507) 386-3187


--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>

--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>

--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>

--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message