tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <>
Subject Re: Apache HTTPD (with SSL) + mod_jk + TomEE (Tomcat) nullify the ssl session id
Date Mon, 06 Jul 2015 10:48:05 GMT
On 06/07/2015 10:48, Alex Soto wrote:
> Hello I have seen a strange behaviour in Apache HTTPD (2.4)  and TomEE (in
> fact it is a Tomcat (7.0.61) so it is exactly the same for Tomcat) when I
> configure Apache server with SSL and mod_jk.
> In fact I am not sure where it is the problem if in mod_jk, in Apache
> Server or in Tomcat, but I suspect that maybe the problem is on mod_jk
> configuration.
> I am configuring the typical Apache as frontend and TomEE(Tomcat) as
> backend solution. Currently Apache is configured with SSL and with mod_jk
> it connects to TomEE using AJP. This works perfectly. The problem is that
> inside my code I need to get the ssl session id:
> String ssl =
> (String)servletRequest.getAttribute("javax.servlet.request.ssl_session_id");
> I don't know why but sometimes this attribute is null and sometimes not. It
> may return a null at first then stay like 10 requests working and then stop
> working again during some requests and the get attribute returns null.
> It seems that everything is configured correctly since sometimes works.
> Have you ever found something similar or knows what it can be happening? Do
> you think that maybe the problem is on client (browser) side?
> Everything is dockerized here:
> so you can review
> configuration files of tomcat and apache or even run it.
> Thank you so much for your support.

Try turning on debug logging for mod_jk. It will generate lots of data
so just do it long enough to see the problem. When you look at the logs
you should be able to see if the SSL Session ID is being passed to
Tomcat or not.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message