Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@apache.org Received: (qmail 37807 invoked from network); 13 Aug 2002 15:50:07 -0000 Received: from unknown (HELO nagoya.betaversion.org) (192.18.49.131) by daedalus.apache.org with SMTP; 13 Aug 2002 15:50:07 -0000 Received: (qmail 2102 invoked by uid 97); 13 Aug 2002 15:49:59 -0000 Delivered-To: qmlist-jakarta-archive-tomcat-user@jakarta.apache.org Received: (qmail 2025 invoked by uid 97); 13 Aug 2002 15:49:57 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 1926 invoked by uid 98); 13 Aug 2002 15:49:55 -0000 X-Antivirus: nagoya (v4198 created Apr 24 2002) Message-ID: <83F0258A9996D311B14200A0C98F17360202C3A6@aas-internet.aas.com> From: "Turner, John" To: 'Tomcat Users List' Subject: RE: SSL Connection Tomcat and Apache Date: Tue, 13 Aug 2002 11:49:25 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Thanks for your post with the configuration in it...SSL between apache and tomcat is something I have been wanting to research for awhile now, and your info will make it easier to do that. That said, I'm curious to know how you are verifying that SSL is working between apache and tomcat on different machines. How do you know the datastream is truly encrypted? I'm not questioning your setup, I'm asking how I will know the same thing for sure once I set it up myself. Having SSL setup on both machines is no guarantee that the datastream is encrypted. John Turner jturner@NOSPAM.aas.com -----Original Message----- From: Pooleery, Manoj [mailto:Pooleery@Synygy.com] Sent: Tuesday, August 13, 2002 11:27 AM To: 'Tomcat Users List' Subject: RE: SSL Connection Tomcat and Apache i have it working on different machines. Tomcat on one machine and apache on another. SSL will work irrespective of the machines, as long as both of the machines can see each other.(i mean on the same network). -----Original Message----- From: Wills, Mike N. (TC) [mailto:MNWills@taylorcorp.com] Sent: Monday, August 12, 2002 4:38 PM To: 'Tomcat Users List' Subject: RE: SSL Connection Tomcat and Apache What about the transmittions between Apache and Tomcat? I realize if they are on the same machine it isn't a problem, but what about if it is on a different machine? This is all for the intranet. -----Original Message----- From: Pooleery, Manoj [mailto:Pooleery@Synygy.com] Sent: Monday, August 12, 2002 3:33 PM To: 'Tomcat Users List' Subject: RE: SSL Connection Tomcat and Apache In the httpd.conf file of apache, you can implement the virtual host directive for SSL. The port used is 443. You have to have an entry like this - ## ## SSL Virtual Host Context ## :443> # General setup for the virtual host DocumentRoot "C:/Apache/htdocs" ServerName ServerAdmin webmaster@localhost ErrorLog logs/ssl/error.log TransferLog logs/ssl/access.log SSLCertificateFile "/" SSLCertificateKeyFile "/" you have to generate a CSR file(instructions for creating a CSR can be found at http://www.verisign.com/support/csr/apache/v01.html). Once you create a CSR, you can send it to any of the certificate issuing authorities(verisign, thawte etc) and once you get a certificate, you make the above changes in the httpd.conf. Thanks Manoj. -----Original Message----- From: Wills, Mike N. (TC) [mailto:MNWills@taylorcorp.com] Sent: Monday, August 12, 2002 4:21 PM To: 'tomcat-user@jakarta.apache.org' Subject: SSL Connection Tomcat and Apache I have Apache and Tomcat working together, but now I am curious on security. How I do implement SSL on that connection? Mike Wills IT Corporate Support Taylor Corporation mnwills@taylorcorp.com Phone: (507) 386-3187 -- To unsubscribe, e-mail: For additional commands, e-mail: -- To unsubscribe, e-mail: For additional commands, e-mail: -- To unsubscribe, e-mail: For additional commands, e-mail: -- To unsubscribe, e-mail: For additional commands, e-mail: -- To unsubscribe, e-mail: For additional commands, e-mail: