tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oscar Carrillo <tom...@daydream.stanford.edu>
Subject RE: Tomcat / Apache / SSl
Date Tue, 13 Jan 2004 18:04:37 GMT
You will use the same connector over port 8009. No additional connector 
needed over any other port.

In your "ssl.conf" for apache, you will create a VirtualHost entry very
much like the one that's in your "httpd.conf" file. In there you will do 
your JkMount declaratives, etc.

BTW, I use 0.9.7c openssl because that one is patched for a 
vulnearability. Just thought I'd mention it eventhough you list yours as 
Nov 4, which probably means the patch was backported.

Oscar
http://daydream.stanford.edu/tomcat/install_web_services.html

On Tue, 13 Jan 2004 johncoyle@ramsesit.com wrote:

> Software: Apache - 2.0.48
> Tomcat - 4.1.29
> OpenSSL - 0.9.6l [engine] 04 Nov 2003
> 
> Hi,
> 
> I am trying to encrypt all data being transmitted from the client pc to
> the webserver, and also from the webserver to tomcat. I have only been
> working on tomcat for a couple of months but have experience on WebSphere.
> 
> 
> I have enabled ssl on both apache and on tomcat, and both are accessible
> directly:
> apache: https://host
> tomcat: https://host:8443
> 
> 
> 
> When I try set up a connector from apache to tomcat using port 8443 i get
> an "Internal Server Error" and the follwoing errors in the mod_jk log:
> 
> 
> [jk_ajp_common.c (661)]: In jk_endpoint_t::ajp_connect_to_endpoint,
> connected sd = 16
> [jk_ajp_common.c (693)]: sending to ajp13 #358
> [jk_ajp_common.c (966)]: ajp_send_request 2: request body to send 0 -
> request body to resend 0
> [jk_ajp_common.c (755)]: ajp_connection_tcp_get_message: Error - Wrong
> message format 0x1503
> [jk_ajp_common.c (1137)]: Error reading reply from tomcat. Tomcat is down
> or network problems.
> [jk_ajp_common.c (1290)]: ERROR: Receiving from tomcat failed, recoverable
> operation. err=2
> [jk_ajp_common.c (1309)]: sending request to tomcat failed in send loop.
> err=2
> [jk_ajp_common.c (1318)]: Error connecting to tomcat. Tomcat is probably
> not started or is listening on the wrong port. Failed errno = 0
> [jk_ajp_common.c (1529)]: Into jk_endpoint_t::done, closing connection 0
> [jk_ajp_common.c (605)]: In jk_endpoint_t::ajp_close_endpoint
> 
> 
> Apache to Tomcat using the ajp13 connector over port 8009 works fine but I
> have a requirement to encrypt all data. Any ideas?
> Thanks,
> John
> 
> 
> Configs: ========
> --- Tomcat configs
> ## server.xml
> ...
> <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
> port="8443" minProcessors="5" maxProcessors="75" enableLookups="true"
> acceptCount="100" debug="0" scheme="https" secure="true"
> useURIValidationHack="false" disableUploadTimeout="true">
> <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
> clientAuth="true" protocol="TLS" /> </Connector>
> ...
> 
> ## workers.properties
> 
> workers.tomcat_home="/usr/jakarta-tomcat-4.1.29/"
> workers.java_home="/usr/java/j2sdk1.4.1_03/bin/java"
> ps=/
> 
> worker.list=bob
> 
> worker.loadbalancer.type=lb
> worker.loadbalancer.balanced_workers=bob
> 
> worker.bob.port=8443
> worker.bob.host=10.0.0.10
> worker.bob.type=ajp13
> 
> worker.bob.lbfactor=1
> 
> --- Apache configs
> ## httpd.conf
> ...
> LoadModule jk_module modules/mod_jk.so
> 
> JkWorkersFile "/usr/jakarta-tomcat-4.1.29/conf/workers.properties"
> 
> JkLogFile "/usr/httpd-2.0.48/logs/mod_jk-log"
> JkLogLevel debug
> 
> JkMount / bob
> JkMount /* bob
> ...
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message