tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <>
Subject Configuring Tomcat 4.0 to communicate with an SSL-enabled Apache server
Date Fri, 21 Jan 2005 20:35:46 GMT
Where can one find information on configuring Tomcat 4.0 to communicate with
an SSL-enabled Apache server?

The 4.0 Tomcat documents on SSL (See under the
heading "SSL and Tomcat")
has this paragraph:

It is important to note that configuring Tomcat to take advantage of secure
sockets is usually only necessary when running it as a standalone web server.
When running Tomcat primarily as a Servlet/JSP container behind another web
server, such as Apache or Microsoft IIS, it is usually necessary to configure
the primary web server to handle the SSL connections from users. Typically,
this server will negotiate all SSL-related functionality, then pass on any
requests destined for the Tomcat container only after decrypting those
requests. Likewise, Tomcat will return cleartext responses, which will then
be encrypted by the primary server before being returned to the user's
browser. In this environment, Tomcat knows that communications between the
primary web server and the client are taking place over a secure connection
(because your application needs to be able to ask about this), but it does
not participate in the encryption or decryption itself.

The 3.3 Tomcat documents (See under
the heading "Tomcat and SSL")
has the same paragraph, which is then followed by this paragraph:

Information on configuring Apache for SSL can be found at either the
Apache-SSL pages, or the apache-mod_ssl project. For information on
configuring Tomcat to communicate with an SSL-enabled Apache server, see the
Tomcat with Apache and mod_jk section.

The 4.0 version has no such additional paragraph and no "Tomcat with Apache
and mod_jk" section either.

Richard Myers

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message