tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wesley Acheson <wesley.ache...@gmail.com>
Subject Re: Need some SSL Config help.
Date Wed, 29 Jul 2009 08:24:00 GMT
I thought that you only had to set up on apache (httpd server).  Thats the
way I got it working.

see
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#SSL%20and%20Tomcatrelevenat
excet below
*SSL and Tomcat*

*It is important to note that configuring Tomcat to take advantage of secure
sockets is usually only necessary when running it as a stand-alone web
server.* When running Tomcat primarily as a Servlet/JSP container behind
another web server, such as Apache or Microsoft IIS, it is usually necessary
to configure the primary web server to handle the SSL connections from
users. Typically, this server will negotiate all SSL-related functionality,
then pass on any requests destined for the Tomcat container only after
decrypting those requests. Likewise, Tomcat will return cleartext responses,
that will be encrypted before being returned to the user's browser. In this
environment, Tomcat knows that communications between the primary web server
and the client are taking place over a secure connection (because your
application needs to be able to ask about this), but it does not participate
in the encryption or decryption itself.




On Mon, Jul 27, 2009 at 6:18 PM, Serge Fonville <serge.fonville@gmail.com>wrote:

> > Just an update.  I decided to change up what I was doing.  Instead of
> > starting with SSL on tomcat, I ported Apache and Tomcat to work together
> on
> > my local test server.  Now I am going to do the APR.  Do I need to
> configure
> > SSL on both Apache and Tomcat or just Tomcat?
>
> If all connections go via httpd. just httpd. otherwise both
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message