tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Harsimranjit singh Kler <simran...@gmail.com>
Subject Fwd: SSL for modjk and tomcat
Date Thu, 10 Nov 2011 06:31:14 GMT
Hi


Simple i have setup httpd,modjk,tomcat .i want to enable SSL(i.e i can
handle everything on https).


> If (instead) you want to encrypt the AJP connection between HTTPD and
Tomcat, you'll have to use an SSH tunnel because the AJP protocol is not
encrypted.

 Now AJP not support SSL fine. i.e AJP protocol is not
encrypted.
i dont want SSH tunnel.

What other approach i can follow now.i mean other way ?


i am not sure where to configure those mod jk directive and what
configurations at tomcat side?




On Thu, Nov 10, 2011 at 11:23 AM, Christopher Schultz <
chris@christopherschultz.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Harsimranjit,
>
> On 11/9/11 10:35 AM, Harsimranjit singh Kler wrote:
> > Doing this configuration first time.
> >
> > As per reply AJP not support SSL but still apache can pass some
> > information to tomcat.
>
> Correct: mod_ssl will forward the important SSL information from httpd
> to Tomcat. Note that connection between httpd and Tomcat is not
> encrypted (which is why Pid and Andre have said "no SSL"). The SSL
> information comes from the incoming HTTPS connection and is provided
> via AJP to Tomcat.
>
> > i found above parameter in documentation :
> >
> > http://tomcat.apache.org/connectors-doc/reference/apache.html
> >
> > but no example how to configure these and how helpful.
>
> Did you mean that you found all of those parameters (not just one) in
> the documentation?
>
> The documentation, while fairly short, contains everything you need.
> Each directive is documented as to its function, its value parameter
> values, and the default.
>
> > i dont know what is ideal configurations for above setup to support
> > SSL
>
> mod_jk supports SSL with no additional configuration. If you find that
> the default configuration is not meeting your needs, please tell us
> what you need and we can help you configure it.
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk67ZsUACgkQ9CaO5/Lv0PCrWwCfSg0ul/7JUIoZDie/B2dm39Hz
> IXcAn3GpRRlRz7bntRBM0Gkh/yUxNGSo
> =oU31
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>  For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message