tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Harsimranjit singh Kler <simran...@gmail.com>
Subject Re: SSL for modjk and tomcat
Date Wed, 09 Nov 2011 18:35:42 GMT
Doing this configuratiosn first time.

As per reply AJP not support SSL but still apache can pass some information
to tomcat.

i found above parameter in documentation :

http://tomcat.apache.org/connectors-doc/reference/apache.html

but no example how to configure these and how helpful.

i dont know what is ideal configurations for above setup to support SSL

Thank you very much
On Wed, Nov 9, 2011 at 5:52 PM, Pid <pid@pidster.com> wrote:

> On 09/11/2011 11:20, Harsimranjit singh Kler wrote:
>
> Please don't top-post.
>
> > hi
> >
> > Thanks for reply.
> >
> > There are some parameters whate they are for i saw like:
> > :
> >
> >
> >
> > JkExtractSSL On
> >
> > JkHTTPSIndicator HTTPS
> >
> > JkSESSIONIndicator SSL_SESSION_ID
> >
> > JkCIPHERIndicator SSL_CIPHER
> >
> > JkCERTSIndicator SSL_CLIENT_CERT
> > and
> >
> >
> > JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
> >
> > JkExtractSSL
> >
> > etc etc
> >
> > these are not helpful?
>
> They are helpful and do serve a purpose.
>
> Whether that has any bearing on your problem is a different matter
> altogether.  You might consider explaining more clearly what you are
> trying to achieve.
>
>
> > and some one post like this:
> >
> >
> http://ask.metafilter.com/53101/How-do-I-force-HTTPS-in-Tomcat-through-Apache-and-modjk
> >
> > is also wrong?
>
> Have you read any of the Tomcat documentation, or are you just googling?
>
>
> p
>
>
> > On Wed, Nov 9, 2011 at 3:47 PM, André Warnier <aw@ice-sa.com> wrote:
> >
> >> Harsimranjit singh Kler wrote:
> >>
> >>> Hi
> >>> I am using httpd 2.2.17 modjk 1.2.30 tomcat 6.0.I want to enable SSL
> in my
> >>> setup.
> >>>
> >>> i Am able to successfully on httpd.but there is lot of confusion how to
> >>> enable between httpd to AJP  & AJP to tomcat.
> >>>
> >>> There is no confusion. You can't do that. There is no SSL variant of
> the
> >> AJP protocol.
> >>
> >>
> >> There is not specific documentation also.
> >>>
> >>
> >> For the same reason.
> >>
> >>
> >>
> >>> 1) what are step for modjk configurations?
> >>> 2)Is AJP support SSL?
> >>>
> >>
> >> No. That should have been the first question.
> >>
> >>
> >> 3)Changes in server.xml for AJP port to support SSL requests via modjk?
> >>>
> >>> None, see above.
> >>
> >> Note : what you /can/ do, is to use mod_jk to pass all relevant SSL
> >> information about the original client<->Apache connection, to Tomcat,
> via
> >> HTTP headers.
> >>
> >> Additional note : of course, if you would really must do this, you could
> >> still run the mod_jk-to-Tomcat connection over an SSL tunnel.  But that
> >> would be something set up totally outside of Apache, Tomcat and their
> >> configuration.
> >> E.g.
> >>
> >> browser <-- HTTPS -->  apache + mod_jk -> localhost:localport1
> >>
> >> localport1 <-- SSL tunnel --> remoteport1 --> remote AJP port 8009
-->
> >> Tomcat
> >>
> >>
> ------------------------------**------------------------------**---------
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<
> users-unsubscribe@tomcat.apache.org>
>  >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >
>
>
> --
>
> [key:62590808]
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message