tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <>
Subject Re: Is SSL keystore with AJP connector possible?
Date Thu, 19 Jan 2012 00:51:09 GMT
On 19.01.2012 00:09, mandg wrote:
> I'm working on Apache Tomcat/6.0.33 running in Windows 2003 and have been
> asked to setup SSL. Looking at the server.xml file, I see that the AJP/1.3
> connector is configured and not APR.  Like a good newbie that I am with
> Tomcat, I followed the Tomcat instructions for configuring SSL. However, the
> docs seemed to step me through the steps for an APR-type connector, not AJP
> since I had specified a keystore and passphrase. When I reviewed the AJP
> connector documentation, I didn't find any attributes to specify for the
> keystore and passphrase.
> So my question is, can I use a keystore for the AJP type of connector? And
> if so, are there any good tutorials out there that can walk me through it.
> If not, can I simply edit out the AJP connector in my server.xml file and
> edit in the APR connector? Or will that somehow break the site/application
> that's running on Tomcat?

Note that AJP is a protocol and APR is an implementation type. Tomcat 
supports HTTP, HTTPS and AJP as protocols, and BIO, NIO and APR as the 
implementation. Tomcat 7 supports all combinations, Tomcat 6 all 
combination except for AJP/NIO.

AJP is an unencrypted protocol. So configuring SSL, keystore etc. for an 
AJP connector does not make sense. This is true for any AJP 
implementation, be it BIO, NIO or APR.



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message