RE: Encryption and weblogic module

Fri, 16 Apr 2004 06:48:16 -0700 

Weblogic used to provide an ssl version of the mod_wl module, I think it
was named mod_wl_ssl. Obtaining the correct mod_wl_ssl may be dependent
on  which version of weblogic  and apache are being used.

We have run this configuration on Apache 1.x

client --> FireWall -->  Apache --> Firewall --->  Weblogic
          only port 443  mod_wl_ssl   port nnnn
                                    is configurable

David

-----Original Message-----
From: Daniel Lopez [mailto:[EMAIL PROTECTED] 
Sent: Friday, April 16, 2004 6:48 AM
To: [EMAIL PROTECTED]
Subject: Re: Encryption and weblogic module


client ----(a)----->  Apache -----(b)---->  Weblogic

If the client connects to Apache using SSL, (a) will be encrypted but
(b)
will not (unless you can configure mod_wl to use SSL, which I dont
believe
you can). the assumption is that (b) is occurring over a private,
trusted
network. If you need to encrypt (b) I would suggest either setting up a
VPN
or using Apache as a reverse proxy with SSL (the weblogic protocol in
modern
versions is basically HTTP with a couple of extra headers)

cheers

Daniel

> Hello everyone.
> 
> I am quite new to ssl, so I have a question.
> 
> While a connection between a pc client and
> a web server is encrypted, I do not know if
> the connection that may result thereafter is
> encrypted too, that is, if ssl.conf contain
> an entry that look like this:
> 
> <Location /xx/xxx/*yyy*>
>  SetHandler weblogic-handler
>  WebLogicCluster host1.dom.dom.se:99999,host2.dom.dom.se:99999
>  ErrorPage /xx/xxx/xxx/xxx/errpage.html
> </Location>
> 
> Is the data that is sent and received between the
> webserver and host1/2.dom.dom.se also encrypted, and
> is there a way to check that ?
> 
> Or is the question about encryption something that
> (in this case) the weblogic module (that Apache uses)
> is responsible for ?
> 
> 
> Regards
> 
> Anders
> 
> 
>
--
Teach Yourself Apache 2 -- http://apacheworld.org/ty24/
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to