Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@apache.org Received: (qmail 17318 invoked from network); 13 Aug 2002 17:06:39 -0000 Received: from unknown (HELO nagoya.betaversion.org) (192.18.49.131) by daedalus.apache.org with SMTP; 13 Aug 2002 17:06:39 -0000 Received: (qmail 2463 invoked by uid 97); 13 Aug 2002 17:06:05 -0000 Delivered-To: qmlist-jakarta-archive-tomcat-user@jakarta.apache.org Received: (qmail 2434 invoked by uid 97); 13 Aug 2002 17:06:04 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 2315 invoked by uid 98); 13 Aug 2002 17:06:00 -0000 X-Antivirus: nagoya (v4198 created Apr 24 2002) Message-ID: <70DD0724686ED611ACC70050228A1ECA06DBE4@SRV_1> From: Andreas Mohrig To: 'Tomcat Users List' Subject: RE: SSL Connection Tomcat and Apache Date: Tue, 13 Aug 2002 19:08:26 +0200 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N > client <- talks on 443 ssl to -> apache <- talks ??? on port 8009 -> tomcat I would think apache talks "AJP protocol" on port 8009 to tomcat. The ssl between client and port 443 on apache is "http over ssl". Since I don't know of something like "ajp over ssl" I would presume it is not encrypted. Again: Correct my if I'm wrong, since I have not tested it with a packet-sniffer (or something like that). greetings Andreas Mohrig -----Original Message----- From: Wills, Mike N. (TC) [mailto:MNWills@taylorcorp.com] Sent: Tuesday, August 13, 2002 6:54 PM To: 'Tomcat Users List' Subject: RE: SSL Connection Tomcat and Apache This is exactly what I am wondering about. -----Original Message----- From: Peter T. Abplanalp > -----Original Message----- > From: Wills, Mike N. (TC) > What about the transmittions between Apache and Tomcat? I realize if they > are on the same machine it isn't a problem, but what about if it is on a > different machine? On Tue, Aug 13, 2002 at 11:27:21AM -0400, Pooleery, Manoj wrote: > i have it working on different machines. Tomcat on one machine and apache > on another. SSL will work irrespective of the machines, as long as both of > the machines can see each other.(i mean on the same network). i'm not sure this answers the question. i am also interested in this. let me draw a picture: client <- talks on 443 ssl to -> apache <- talks ??? on port 8009 -> tomcat the problem being that if the webser gets encrypted stuff and then passes it to tomcat in the clear, someone could get the unencrypted info from the second conversation. -- To unsubscribe, e-mail: For additional commands, e-mail: -- To unsubscribe, e-mail: For additional commands, e-mail: