tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Gibby <dgi...@edirectpublishing.com>
Subject Re: Apache certificate
Date Wed, 28 Apr 2004 18:41:54 GMT
Hollerman Geralyn M wrote:

> Daniel Gibby wrote:
>
>> Will something that is https _ever_ have to go through apache for 
>> some URL rewriting? If so, then for sure apache would have to need a 
>> certificate installed as well. 
>
>
> This I don't understand. Even if you simply tell Apache to rewrite 
> something that starts with "https" as starting with "http" Apache has 
> to "see" a certificate?

https is the protocol, so a request can't get to the point of allowing 
apache to rewrite the URL until after apache has done its authentication 
via the https protocol. You can't try to force https URLs to be http 
URLs if they never get that far. So if a request is going to come in to 
your server with https, and you are expecting to be able to rewrite that 
URL, you will have to send it through apache, which means apache would 
need to have the certificate.

If on the other hand, you don't need to rewrite anything that is https, 
and only need to rewrite http URLs, then just setup tomcat to handle the 
certificates and answer on port 443. Then configure apache to not listen 
at all on 443, and you won't need to have any certificates installed in 
apache.
Making tomcat listen on 443 is a whole other issue that I've not 
accomplished yet, but there are others here who can help you with that. 
Search the archives, I've seen some posts recently.

Daniel

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message