tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hansel, Jason T CTR SPAWARSYSCEN-ATLANTIC, 55E00" <jason.t.hansel....@navy.mil>
Subject Tomcat 6.0.18/ IIS 6.0 /SSL
Date Wed, 04 Aug 2010 16:07:00 GMT
I am trying to get Tomcat and IIS configured on my secure web server (SSL)
so that I can access my deployed web application via https and NOT over
http. Connection to non-SSL works, but I cannot have that connection due to
security.

I want to run Tomcat through IIS, and I have configured it using the
isapi_redirect.dll (thanks to Electronjockey). However, when I try and hit
my https://site/geoportal my credentials do not carry me through to the web
application, instead I receive "Internet Explorer Cannot Display Webpage".
Can someone help me out on how to configure my server.xml and interpretting
my log files please? I have even tried to export my server certificate, and
call it using the keystore:"", still not working. I'm a Tomcat green horn,
any help would be awesome.

Isapi_redirect.log file: Looks like some sort of authentication is being
passed, then the ajp13 is not found?

[Wed Aug 04 11:51:15.901 2010] [10712:8360] [debug] jk_isapi_plugin.c
(3108): Service protocol=HTTP/1.1 method=GET host=150.125.174.70
addr=150.125.174.70 name=mywebsite port=443 auth=SSL/PCT user=EIMS\john.doe
uri=/jakarta/isapi_redirect.dll
[Wed Aug 04 11:51:15.916 2010] [10712:8360] [debug] jk_isapi_plugin.c
(3120): Service request headers=5 attributes=9 chunked=no content-length=0
available=0
[Wed Aug 04 11:51:15.932 2010] [10712:8360] [debug] jk_worker.c (116): did
not find a worker ajp13
[Wed Aug 04 11:51:15.948 2010] [10712:8360] [debug] jk_isapi_plugin.c
(2162): could not get a worker for name ajp13
[Wed Aug 04 11:51:15.979 2010] [10712:8360] [error] jk_isapi_plugin.c
(2210): could not get a worker for name ajp13

Here is the meat of my server.xml (pretty sure it's wrong):

<!-- A "Connector" represents an endpoint by which requests are received
         and responses are returned. Documentation at :
         Java HTTP Connector: /docs/config/http.html (blocking &
non-blocking)
         Java AJP  Connector: /docs/config/ajp.html
         APR (HTTP/AJP) Connector: /docs/apr.html
         Define a non-SSL HTTP/1.1 Connector on port 8080
    -->
    <Connector port="8080" protocol="HTTP/1.1" 
               connectionTimeout="20000" 
               redirectPort="80" />
    <!-- A "Connector" using the shared thread pool-->
    
    <Connector executor="tomcatThreadPool"
               port="8009" protocol="HTTP/1.1" 
               connectionTimeout="20000" 
               redirectPort="443" />
               
    <!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the 
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
    
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLSv1"
   		   keystoreFile="C:\Program Files (x86)\Apache Software
Foundation\Tomcat 6.0\conf\cert.pfx" 
               keystorePass="mypassword"
		   keystoreType="pkcs12" />

    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

Thanks Jason.




Mime
View raw message