On 09/11/2011 11:20, Harsimranjit singh Kler wrote:
Please don't top-post.
> hi
>=20
> Thanks for reply.
>=20
> There are some parameters whate they are for i saw like:
> :
>=20
>=20
>=20
> JkExtractSSL On
>=20
> JkHTTPSIndicator HTTPS
>=20
> JkSESSIONIndicator SSL_SESSION_ID
>=20
> JkCIPHERIndicator SSL_CIPHER
>=20
> JkCERTSIndicator SSL_CLIENT_CERT
> and
>=20
>=20
> JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
>=20
> JkExtractSSL
>=20
> etc etc
>=20
> these are not helpful?
They are helpful and do serve a purpose.
Whether that has any bearing on your problem is a different matter
altogether. You might consider explaining more clearly what you are
trying to achieve.
> and some one post like this:
>=20
> http://ask.metafilter.com/53101/How-do-I-force-HTTPS-in-Tomcat-through-=
Apache-and-modjk
>=20
> is also wrong?
Have you read any of the Tomcat documentation, or are you just googling?
p
> On Wed, Nov 9, 2011 at 3:47 PM, Andr=E9 Warnier <aw@ice-sa.com> wrote:
>=20
>> Harsimranjit singh Kler wrote:
>>
>>> Hi
>>> I am using httpd 2.2.17 modjk 1.2.30 tomcat 6.0.I want to enable SSL =
in my
>>> setup.
>>>
>>> i Am able to successfully on httpd.but there is lot of confusion how =
to
>>> enable between httpd to AJP & AJP to tomcat.
>>>
>>> There is no confusion. You can't do that. There is no SSL variant of =
the
>> AJP protocol.
>>
>>
>> There is not specific documentation also.
>>>
>>
>> For the same reason.
>>
>>
>>
>>> 1) what are step for modjk configurations?
>>> 2)Is AJP support SSL?
>>>
>>
>> No. That should have been the first question.
>>
>>
>> 3)Changes in server.xml for AJP port to support SSL requests via modjk=
?
>>>
>>> None, see above.
>>
>> Note : what you /can/ do, is to use mod_jk to pass all relevant SSL
>> information about the original client<->Apache connection, to Tomcat, =
via
>> HTTP headers.
>>
>> Additional note : of course, if you would really must do this, you cou=
ld
>> still run the mod_jk-to-Tomcat connection over an SSL tunnel. But tha=
t
>> would be something set up totally outside of Apache, Tomcat and their
>> configuration.
>> E.g.
>>
>> browser <-- HTTPS --> apache + mod_jk -> localhost:localport1
>>
>> localport1 <-- SSL tunnel --> remoteport1 --> remote AJP port 8009 -->=
>> Tomcat
>>
>> ------------------------------**------------------------------**------=
---
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.**apache.org<users-un=
subscribe@tomcat.apache.org>
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>=20
--=20
[key:62590808]
|