I see a little misunderstanding here. Apache with mod_ssl or apache-ssl module
uses ssl connection with http clients. The communication between apache and the
servlet container is done via ajpXX protocol that can be secure or not. As I
understand ajp12 (that mod_jserv uses) does not support SSL while ajp13 (that
mod_jk uses) does.
So, if apache and the servlet container are residing on the same box, one can
use apache-ssl with mod_jserv or tomcat+ajp12 and be secure (that what we do
here). When using communication between apache and the servlet container is done
via net, one should probably use ajp13, meaning tomcat+mod_jk.
This is my 2 cents
*********************************************************************
* Boris Niyazov Ph: 212-854-4094 Fax: 212-854-1749 *
* Systems Manager Email: [EMAIL PROTECTED] *
* Columbia Law School URL: http://www.law.columbia.edu *
*********************************************************************
>Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
>list-help: <mailto:[EMAIL PROTECTED]>
>list-unsubscribe: <mailto:[EMAIL PROTECTED]>
>list-post: <mailto:[EMAIL PROTECTED]>
>Delivered-To: mailing list [EMAIL PROTECTED]
>Date: Tue, 24 Apr 2001 16:32:03 -0500 (CDT)
>From: Milt Epstein <[EMAIL PROTECTED]>
>X-X-Sender: <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Subject: RE: Tomcat & SSL
>MIME-Version: 1.0
>X-Spam-Rating: h31.sny.collab.net 1.6.2 0/1000/N
>
>On Tue, 24 Apr 2001, GOMEZ Henri wrote:
>
>> >
>> >> -- mod_jserv won't work if you want to use SSL
>> >
>> >Why not? SSL stuff in apache is done in apache, and jserv is
>> >only a connector.
>> >The SSL in apache works the same way in mod_ssl, and
>> >mod_jserv. The only
>> >difference is that in Servlet Spec 2.0 (JSDK2.0 which jserv is) has no
>> >notion of SSL (to my knowledge), and you cannot really do
>> >anything with SSL
>> >within servlets, unless you write everything yourself. You still get
>> >the CGI environment variables, so you probably can find out that
>> >request was handled as HTTPS, but apache takes care of it for you,
>> >and you cannot make much use of it within a servlet.
>>
>> mod_jserv didn't support SSL neither ajp12. You must use mod_jk
>> with ajp13 to get SSL info forwarded from Apache to Tomcat.
>[ ... ]
>
>Can you clarify what you mean bu this? Because I'm using Apache with
>mod_ssl, and Tomcat with mod_jserv, and things are working just fine.
>Perhaps there's some functionality I don't have, but I guess I haven't
>needed it yet.
>
>Milt Epstein
>Research Programmer
>Software/Systems Development Group
>Computing and Communications Services Office (CCSO)
>University of Illinois at Urbana-Champaign (UIUC)
>[EMAIL PROTECTED]
>
- Boris
