Re: SSL on tomcat + jk2 + apache2 + RedHat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On that page www.apachetomcat.com/tomcat-ssl-5-unix. They do not install the certificate into apache2, only tomcat5. If you want this kind of setup to work, you must shut down apache and have tomcat as a standalone. hope it helps - -reynir Gangaa D wrote: > Dear, > I have done SSL on apache2+jk2+tomcat2+RedHat using > www.apachetomcat.com/tomcat-ssl-5-unix. > > So when we visit to https ie mark as "This CA Root > certificate is not trusted because it is not in the > Trusted Root Certification Authorities store." > > So How do I get Trusted Root Certification > Authorities? > > --- Reynir Hubner <[EMAIL PROTECTED]> wrote: > > > hi, > > yes, if you think about it, if you put your ssl key > in apache, it will > be used to secure the comunication between > apache(server) and the > client(user). Apache will then decript the message > and forward it via > ajp into tomcat. If you want to put ssl on those > comunications too, it's > a little more complex, and all you would be doing is > adding security on > communications between two server applications > running on the same > machine (is it worth it ?). > > Of course you can innstall your certificate into > tomcat, but if you are > using apache to front the tomcat, the reason to do > so is hard to find. > > hope it helps > -reynir > > > > > > Gangaa D wrote: > >>Dear Reynir Hubner, >>Thank you reply our msg. > >>We have configured jk2 for apache2+tomcat5. >>So I mean jk2 does not provide SSL. Is this > > correct? > > > > >>__ >>Yahoo! Mail - PC Magazine Editors' Choice 2005 >>http://mail.yahoo.com > > > >> - > >>To unsubscribe, e-mail: > > [EMAIL PROTECTED] > >>For additional commands, e-mail: > > [EMAIL PROTECTED] > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] > __ > Yahoo! Mail - PC Magazine Editors' Choice 2005 > http://mail.yahoo.com > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDdHKv19KgIQihNwgRAt90AJ9opGZCksy3/ThGs7QHpNa7P7WHpwCZAWtL M8COEVDQec2W1AKwUpt/ih8= =n97b -END PGP SIGNATURE- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: SSL on tomcat + jk2 + apache2 + RedHat
> From: Gangaa D [mailto:[EMAIL PROTECTED] > So How do I get Trusted Root Certification > Authorities? If you have control over all the browsers that will be accessing your application: put your self-signed certificate into each of their trusted stores. If you don't have control over some of them: Pay money to an issuer who *is* in there to issue you a valid certificate, and install that in your keystore. I tend to use Thawte, mainly because I know some of the staff there; I've had good service thus far, but your mileage may vary. I've not had to do this on a Tomcat system; check that the issuer will issue the cert in a format that is appropriate for Tomcat before you pay money. - Peter - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL on tomcat + jk2 + apache2 + RedHat
Dear, I have done SSL on apache2+jk2+tomcat2+RedHat using www.apachetomcat.com/tomcat-ssl-5-unix. So when we visit to https ie mark as "This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store." So How do I get Trusted Root Certification Authorities? --- Reynir Hubner <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > hi, > > yes, if you think about it, if you put your ssl key > in apache, it will > be used to secure the comunication between > apache(server) and the > client(user). Apache will then decript the message > and forward it via > ajp into tomcat. If you want to put ssl on those > comunications too, it's > a little more complex, and all you would be doing is > adding security on > communications between two server applications > running on the same > machine (is it worth it ?). > > Of course you can innstall your certificate into > tomcat, but if you are > using apache to front the tomcat, the reason to do > so is hard to find. > > hope it helps > - -reynir > > > > > > Gangaa D wrote: > > Dear Reynir Hubner, > > Thank you reply our msg. > > > > We have configured jk2 for apache2+tomcat5. > > So I mean jk2 does not provide SSL. Is this > correct? > > > > > > > > > > __ > > Yahoo! Mail - PC Magazine Editors' Choice 2005 > > http://mail.yahoo.com > > > > > - > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.2.5 (MingW32) > Comment: Using GnuPG with Thunderbird - > http://enigmail.mozdev.org > > iD8DBQFDdGhQ19KgIQihNwgRAs6SAKCkTo8LVT+mxagjuLFwPbkEiTgBOACaAx4s > rRNk5B1g+3GMly7zuOEU+60= > =8dW3 > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL on tomcat + jk2 + apache2 + RedHat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hi, yes, if you think about it, if you put your ssl key in apache, it will be used to secure the comunication between apache(server) and the client(user). Apache will then decript the message and forward it via ajp into tomcat. If you want to put ssl on those comunications too, it's a little more complex, and all you would be doing is adding security on communications between two server applications running on the same machine (is it worth it ?). Of course you can innstall your certificate into tomcat, but if you are using apache to front the tomcat, the reason to do so is hard to find. hope it helps - -reynir Gangaa D wrote: > Dear Reynir Hubner, > Thank you reply our msg. > > We have configured jk2 for apache2+tomcat5. > So I mean jk2 does not provide SSL. Is this correct? > > > > > __ > Yahoo! Mail - PC Magazine Editors' Choice 2005 > http://mail.yahoo.com > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDdGhQ19KgIQihNwgRAs6SAKCkTo8LVT+mxagjuLFwPbkEiTgBOACaAx4s rRNk5B1g+3GMly7zuOEU+60= =8dW3 -END PGP SIGNATURE- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL on tomcat + jk2 + apache2 + RedHat
Dear Reynir Hubner, Thank you reply our msg. We have configured jk2 for apache2+tomcat5. So I mean jk2 does not provide SSL. Is this correct? __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SSL on tomcat + jk2 + apache2 + RedHat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, install your SSL key into apache2, and then use mod_jk to comunicate with tomcat. That way you do not have to install your ssl into tomcat. hope it helps - -reynir Gangaa D wrote: > > Hi, i have done connector 443 on win32. So I move it > to Redhat which is tomcat + jk2 + apache2. > > But it does not work. > What is wrong me? > > > > > > > __ > Yahoo! Mail - PC Magazine Editors' Choice 2005 > http://mail.yahoo.com > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDc3mX19KgIQihNwgRAqMHAKDVhrimqXu/hXdNa8JhPwwYC43MOwCg2Y8D c1RP4AfAOR8gzyCw735nflQ= =4kcA -END PGP SIGNATURE- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
SSL on tomcat + jk2 + apache2 + RedHat
Hi, i have done connector 443 on win32. So I move it to Redhat which is tomcat + jk2 + apache2. But it does not work. What is wrong me? __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
