tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Crowther <>
Subject Re: SSL/HTTPS forwarding under Apache + mod_jk + tomcat
Date Tue, 13 Oct 2009 07:12:44 GMT
[This should really be a new thread, but...]

2009/10/13 Tezza <>:
> I got 1 apache and 2 tomcat servers (all on different machines).
> I already got SSL set up on individual Tomcat machines to work on port 8443.
> There is no SSL installed on Apache.
> I got mod_jk installed on apache to forward "all" HTTP requests to tomcat
> servers for load balancing. It works fine.
> I like to also forward all HTTPS requests to tomcat servers.
> Question:
> Do I must install certificate (SSL) on apache server?


> and remove from tomcat servers???

No need - they're not doing any harm, they just won't be used in your

> If possible: I prefer to leave SSL on tomcat servers, and just tell apache
> to forward all HTTPS to tomcats just like HTTP. My tomcat servers will
> handle the workload fine with https. Can it be done?

No.  If your clients use SSL to httpd, httpd must be able to handle
the SSL connection - mod_jk has no way of forwarding raw encrypted
data to Tomcat.  Therefore httpd must have SSL set up locally -
including the certificate.

- Peter

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message