tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ralf Schneider <r...@tapfere-schneiderleins.de>
Subject HTTPS with Apache 2.0.48 and Tomcat 5.0.16
Date Mon, 02 Feb 2004 11:41:42 GMT
Hi,

I try to set an Apache 2.0.48 with a connection to Tomcat 5.0.16 via mod_jk2 
2.0.2. The static pages should be accessed via normal HTTP whereas the 
dynamic pages of my webapp should only be accessible via HTTPS for security.

I installed a certificate in /usr/local/apache2/conf/ssl.cert and set up a 
virtual host for the SSL pages in ssl.conf:

<VirtualHost _default_:443>
DocumentRoot "/usr/local/tomcat/webapps/demo_02"
ServerName www.development.home:443
ServerAdmin ralf@tapfere-schneiderleins.de
ErrorLog /usr/local/apache2/logs/error_log
TransferLog /usr/local/apache2/logs/access_log

Alias /demo_02 "/usr/local/tomcat/webapps/demo_02"

<Location "/demo_02/WEB-INF/*">
    AllowOverride None
    deny from all
</Location>

<Location "/demo_02/META-INF/*">
    AllowOverride None
    deny from all
</Location>

JKMount /demo_02/*.do ajp13
JKMount /demo_02/*.jsp ajp13
JKMount /demo_02 ajp13
JKMount /demo_02/* ajp13

SSLEngine on
SSLCipherSuite 
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache2/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog /usr/local/apache2/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

When I call the webapp over http://localhost/demo_02 everything works fine. 
The request to my webapp is forwarded to Tomcat. But when I switch to https I 
get "Connection refused" from the browser. I do not see anything in any log 
file.

Did I miss a configuration step? Or did I misconfigure something?

Ralf.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message