tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: SSl Query-- please help
Date Sat, 20 Oct 2012 13:51:26 GMT
vivek aggarwal wrote:
> Hello All,
>  
> I need to setup the SSL over my tomcat ,which i am able to do it by generating Self signed
certificate using Keytool
>  
> But when  i am redirecting the request form apache using "mod_jk "module its not working.
>  
> I am not sure how to make Apache & Tomcat work in SSL when using Mod_jk module as
i need load balancing
>  
> Can someone please share the steps for doing ssl setup when apache is used along with
Tomcat
> 

A simplified graphical view of the recommended setup :

browser <- HTTPS -> Apache + mod_jk <- AJP -> Tomcat-1 (AJP Connector)
                                     <- AJP -> Tomcat-2 (AJP Connector)
                                     ...
                                     <- AJP -> Tomcat-n (AJP Connector)

In other words, you should handle the HTTPS/SSL at the front-end Apache httpd level, not 
at the Tomcat level.  (This is also sometimes called "terminating SSL at the Apache level").
The reason is that the AJP protocol does not support HTTPS/SSL (so, there is no way to set

up the AJP Connector in Tomcat for SSL) (and no way to set up mod_jk to "talk SSL to Tomcat").
What the Apache/mod_jk combination can do however, is pass on all the required SSL headers

of the original requests to Tomcat, over the AJP connection, so that a Tomcat application

could make use of them.

To see how to set up Apache for SSL, check the Apache httpd on-line documentation.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message