> client <- talks on 443 ssl to -> apache <- talks ??? on port 8009 -> tomcat
I would think apache talks "AJP protocol" on port 8009 to tomcat. The ssl between client and port 443 on apache is "http over ssl". Since I don't know of something like "ajp over ssl" I would presume it is not encrypted. Again: Correct my if I'm wrong, since I have not tested it with a packet-sniffer (or something like that). greetings Andreas Mohrig -----Original Message----- From: Wills, Mike N. (TC) [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 13, 2002 6:54 PM To: 'Tomcat Users List' Subject: RE: SSL Connection Tomcat and Apache This is exactly what I am wondering about. -----Original Message----- From: Peter T. Abplanalp > -----Original Message----- > From: Wills, Mike N. (TC) > What about the transmittions between Apache and Tomcat? I realize if they > are on the same machine it isn't a problem, but what about if it is on a > different machine? On Tue, Aug 13, 2002 at 11:27:21AM -0400, Pooleery, Manoj wrote: > i have it working on different machines. Tomcat on one machine and apache > on another. SSL will work irrespective of the machines, as long as both of > the machines can see each other.(i mean on the same network). i'm not sure this answers the question. i am also interested in this. let me draw a picture: client <- talks on 443 ssl to -> apache <- talks ??? on port 8009 -> tomcat the problem being that if the webser gets encrypted stuff and then passes it to tomcat in the clear, someone could get the unencrypted info from the second conversation. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>