Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 56975 invoked from network); 2 Mar 2011 15:58:02 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 2 Mar 2011 15:58:02 -0000 Received: (qmail 20990 invoked by uid 500); 2 Mar 2011 15:57:58 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 20734 invoked by uid 500); 2 Mar 2011 15:57:55 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 20717 invoked by uid 99); 2 Mar 2011 15:57:54 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Mar 2011 15:57:54 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of jvr968@gmail.com designates 209.85.161.45 as permitted sender) Received: from [209.85.161.45] (HELO mail-fx0-f45.google.com) (209.85.161.45) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Mar 2011 15:57:46 +0000 Received: by fxm11 with SMTP id 11so123538fxm.18 for ; Wed, 02 Mar 2011 07:57:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:from:to:references:in-reply-to:subject:date :message-id:mime-version:content-type:content-transfer-encoding :x-mailer:thread-index:content-language; bh=9H+tKReUfKTBeA+3mwUeYVSmKRyNnI09QHCxQSHOHcQ=; b=pgC7KWc2URDdJbVcj9jZQIJPCyduZ9xjO2HI7P8WEaE8R7NyKzT/+phR6rrzj09fYh 8bjyLfvvww8c/QBnrMnkVRbzWvxmEiaJosM1+tyAFP8Ier2sJYkW09BnVrjP2qszG0Zv zdSMTxnT+yhoXgaacrgb1ENw/0FFmC6g18Yi8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:references:in-reply-to:subject:date:message-id:mime-version :content-type:content-transfer-encoding:x-mailer:thread-index :content-language; b=U6iFl5J01qZbYzct/qajS3nkw1hmzzn+OBWfjAMChkkZ7pBVsA3P8LS5UvP9mt3GW0 DGWBBipGJSX30sSuZvRJzAdzkf8x+6CYav44uy/G8KzdfVX60wJp1h6mRFb6ovOHnWMf v0ydE+UTI3eBtORUWQYV5KnCVjYSnJpt5UnCI= Received: by 10.223.79.14 with SMTP id n14mr83047fak.19.1299081410593; Wed, 02 Mar 2011 07:56:50 -0800 (PST) Received: from BKDPC (35.pool85-55-112.dynamic.orange.es [85.55.112.35]) by mx.google.com with ESMTPS id r15sm49415fax.22.2011.03.02.07.56.49 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 02 Mar 2011 07:56:49 -0800 (PST) From: "jvr" To: "'Tomcat Users List'" References: <00e001cbd8c8$f8936860$e9ba3920$@gmail.com> <4D6E251C.50104@apache.org> <99C8B2929B39C24493377AC7A121E21FACD433F83C@USEA-EXCH8.na.uis.unisys.com> In-Reply-To: <99C8B2929B39C24493377AC7A121E21FACD433F83C@USEA-EXCH8.na.uis.unisys.com> Subject: RE: Tomcat and SSL Date: Wed, 2 Mar 2011 16:56:48 +0100 Message-ID: <010901cbd8f2$714343b0$53c9cb10$@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQEuXVbbbzIJl1U2RYq2eUs+WH5VOwFzYkbNApwGIvkBaLzYyZUpYh5Q Content-Language: es Sorry, But maybe I'm not doing the correct question. On SSL Configuration HOW-TO of Tomcat documentation: SSL and Tomcat It is important to note that configuring Tomcat to take advantage of = secure sockets is usually only necessary when running it as a stand-alone web server. When running Tomcat primarily as a Servlet/JSP container behind another web server, such as Apache or Microsoft IIS, it is usually = necessary to configure the primary web server to handle the SSL connections from users. Typically, this server will negotiate all SSL-related = functionality, then pass on any requests destined for the Tomcat container only after decrypting those requests. Likewise, Tomcat will return cleartext = responses, that will be encrypted before being returned to the user's browser. In = this environment, Tomcat knows that communications between the primary web = server and the client are taking place over a secure connection (because your application needs to be able to ask about this), but it does not = participate in the encryption or decryption itself. I have apache and openssl preinstalled, and have installed tomcat = manually via command line without JK connector I have to access tomcat = servlets/jsp files accross the port configured in the server.xml If I use tomcat as a stand-alone web server. I could use: Tomcat can use two different implementations of SSL: * the JSSE implementation provided as part of the Java runtime = (since 1.4) * the APR implementation, which uses the OpenSSL engine by default. My question: If I'm not using JK Connector is mandatory configure tomcat as = stand-alone server? or, although I'm not using JK Connector I could consider Apache like the primary web server? Thank You. Regards. -----Original Message----- From: Caldarale, Charles R [mailto:Chuck.Caldarale@unisys.com]=20 Sent: mi=E9rcoles, 02 de marzo de 2011 15:06 To: Tomcat Users List Subject: RE: Tomcat and SSL > From: jvr [mailto:jvr968@gmail.com] > Subject: RE: Tomcat and SSL > Then I don't have to configure tomcat with SSL Configuration HOW-TO as = > stand-alone web server If you're intending to have Tomcat service SSL requests, then you do = have to configure it to for such. Note that the configuration is different if you're using the APR (native) for SSL. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you = received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org