tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chris derham <>
Subject Re: SSL for modjk and tomcat
Date Thu, 10 Nov 2011 08:10:12 GMT
> Simple i have setup httpd,modjk,tomcat .i want to enable SSL(i.e i can
> handle everything on https).

If you have httpd sending traffic via mod_jk to tomcat, you are nearly
there. Just configure httpd to listen over ssl.

> > If (instead) you want to encrypt the AJP connection between HTTPD and
> Tomcat, you'll have to use an SSH tunnel because the AJP protocol is not
> encrypted.
>  Now AJP not support SSL fine. i.e AJP protocol is not
> encrypted.
> i dont want SSH tunnel.

That's fine if you don't want/need a tunnel

> What other approach i can follow now.i mean other way ?

> i am not sure where to configure those mod jk directive and what
> configurations at tomcat side?

I don't think you quite understand how this list works. You need to ask a
specific question, and people will generally try to provide a specific
answer. In your email you say you have httpd/mod_jk/tomcat communicating.
You keep saying that you want to "turn on ssl". As 3 people have already
pointed out, you can have ssl between browser and httpd. You can have ssl
between httpd and tomcat, but you said you don't want that. If you
configure httpd for ssl, then you're probably there. IMO you only to worry
about those mod_jk directives if you need tomcat to know that it is being
handed a connection that has come from an ssl connection. Perhaps explain
why you need this ssl information in your app? Perhaps supply a copy of
web.xml with the security constraints?

In short help us help you -


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message