tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: FW: tomcat integrated with httpd and over https port, not working
Date Thu, 12 Aug 2010 10:57:19 GMT
Irfan Khan wrote:
> Is there anyone who can help me to resolve this issue.

Maybe (but check the documentation, because I am not sure).

The thing is, you have an Apache configuration with VirtualHost's.
In such a case, the configuration directives present outside a <VirtualHost> section,

generally act as default for the <VirtualHost> sections, *unless* the same configuration

directive is also present inside the <VirtualHost> section (in that case, the one inside

the <VirtualHost> overrides the default).

The above is the general rule, but there are exceptions : not all configuration directives

of the "main" section are automatically carried over to the <VirtualHost> section.
For example, JkMount is not automatically carroed over, unless you use the special 
JkMountCopy instructions.

So you have to check below, if some of Jkxxxxxxxxx instructions should not be moved from 
the main section, to the <VirtualHost> section.
The documentation should tell you.

I know that the following are ok in the main section :

 > LoadModule jk_module modules/mod_jk.so
 >
 > JkWorkersFile "/etc/httpd/conf/workers.properties"
 >
 > JkShmFile "/var/log/httpd/mod_jk.shm"
 >
 > JkLogFile "/var/log/httpd/mod_jk.log"
 >
 > JkLogLevel info
 >
 > JkLogStampFormat "[%a %b %d %H %M %S %Y]"

But for all the other ones, I don't know.




> 
>  
> 
> From: Irfan Khan [mailto:irfan.khan@enovatemedia.co.in] 
> Sent: Wednesday, August 11, 2010 5:31 PM
> To: 'users@tomcat.apache.org'
> Subject: tomcat integrated with httpd and over https port, not working
> 
>  
> 
>  
> 
> Dear pals,
> 
>  
> 
> Issue: tomcat integrated with httpd and over https port, not working.
> 
>  
> 
> Important info: With the below given httpd.conf, if it is modified to work
> with http , then tomcat pages were accessed on http. 
> 
>  
> 
> So it is confirmed that there must be something wrong with ssl settings.
> 
>  
> 
> I have tried find on Google , and ended with this final configuration for
> ssl but with no luck. I am pulling my hair to find out why it is not
> working.
> 
>  
> 
> You brilliant guys can suggest!
> 
> Kindly help!
> 
> Thanks in advance!
> 
>  
> 
>  
> 
> Tools Version details; 
> 
> Centos 5.3
> 
> httpd-2.2.3-31
> 
> tomcat-6.0.26
> 
> mod_jk-1.2.28-httpd-2.2.X
> 
> openssl-0.9.8e
> 
> jre1.6.0_20
> 
>  
> 
> EXISTING WORKING CONFIGURATION
> 
> Http and https port on httpd - working fine
> 
> Tomcat on port 8080 - working fine
> 
> Tomcat + httpd + http port - working fine
> 
>  
> 
> ##########################################
> 
> Httpd.conf
> 
> ##############################################
> 
> NameVirtualHost *:443
> 
>  
> 
> LoadModule jk_module modules/mod_jk.so
> 
> JkWorkersFile "/etc/httpd/conf/workers.properties"
> 
> JkShmFile "/var/log/httpd/mod_jk.shm"
> 
> JkLogFile "/var/log/httpd/mod_jk.log"
> 
> JkLogLevel info
> 
> JkLogStampFormat "[%a %b %d %H %M %S %Y]"
> 
> # JkOptions indicate to send SSL KEY SIZE,
> 
> JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
> +ForwardSSLCertChain
> 
> # Should mod_jk send SSL information to Tomcat (default is On)
> 
> JkExtractSSL On
> 
> # What is the indicator for SSL (default is HTTPS)
> 
> JkHTTPSIndicator HTTPS
> 
> # What is the indicator for SSL session (default is SSL_SESSION_ID)
> 
> JkSESSIONIndicator SSL_SESSION_ID
> 
> # What is the indicator for client SSL cipher suit (default is SSL_CIPHER)
> 
> JkCIPHERIndicator SSL_CIPHER
> 
> # What is the indicator for the client SSL certificated (default is
> SSL_CLIENT_CERT)
> 
> JkCERTSIndicator SSL_CLIENT_CERT
> 
>  
> 
>  
> 
> <VirtualHost *:443>
> 
> ServerName abcd.com
> 
> SSLEngine On
> 
> SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
> 
> SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
> 
> SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
> 
>  
> 
> jkMount /tomcatpages* worker1
> 
> </VirtualHost>
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message