That won't work...only one service can bind to a given port at a time...communications between Apache and Tomcat occur on the given connector port (8009 is the default for AJP13), SSL or not.
John > -----Original Message----- > From: Tam, Michael [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, October 02, 2002 3:01 PM > To: 'Tomcat Users List' > Subject: RE: SSL and mod_jk Problems on Tomcat 4.0.5 + Apache > 1.3.26 (on > L inux RH 7.3) > > > I believe you have to make Tomcat to listen to port 443 > instead of 8443 for > SSL then allow Apache to listen to port 443. > > Hope this help. > > Cheers, > Michael > > -----Original Message----- > From: Gustavo Vegas [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, October 02, 2002 11:56 AM > To: [EMAIL PROTECTED] > Subject: SSL and mod_jk Problems on Tomcat 4.0.5 + Apache 1.3.26 (on > Linux RH 7.3) > > > Hello everyone, > Here is my problem; I am trying to make SSL requests to Tomcat > through mod_jk, but they do not appear to work. I am even able to see > properly through plain HTTP those pages I want served by > Tomcat through > SSL. When I use the https://hosts/directory/page.jsp, I get > the source > code of the file. If I try using the 8443 port, it displays > properly. I > am also using j2sdk version 1.4.1. > Here is the definition of the virtual host under Apache: > -------------------------------------------------------------- > -------------- > ------------------- > <IfModule !mod_jk.c> > LoadModule jk_module libexec/mod_jk.so > </IfModule> > > JkWorkersFile "/usr/local/apache/conf/workers.properties" > JkLogFile "/web/logs/mod_jk.log" > > JkLogLevel debug > > NameVirtualHost * > > <IfDefine SSL> > # Should mod_jk send SSL information to Tomcat (default is On) > JkExtractSSL On > # What is the indicator for SSL (default is HTTPS) > JkHTTPSIndicator HTTPS > # What is the indicator for SSL session (default is SSL_SESSION_ID) > JkSESSIONIndicator SSL_SESSION_ID > # What is the indicator for client SSL cipher suit (default > is SSL_CIPHER) > JkCIPHERIndicator SSL_CIPHER > # What is the indicator for the client SSL certificated (default is > SSL_CLIENT_C > ERT) > JkCERTSIndicator SSL_CLIENT_CERT > # Other needed settings > SSLOptions +StdEnvVars +ExportCertData > ############################################################### > # (BEGIN) Definition of SSL host.company.com virtual host # > # NOTE: SSL Connections are only supported on IP-based virtual# > # hosts # > ############################################################### > > <VirtualHost 192.168.25.100:443> > ServerName host.company.com > ServerAdmin [EMAIL PROTECTED] > DocumentRoot /web/htdocs/host.company.com > ScriptAlias /cgi-bin/ > /web/htdocs/host.company.com/www/cgi-bin/ > DirectoryIndex index.html index.htm index.shtml > index.shtm index.jsp > Alias /reports/ /web/htdocs/host.company.com/reports > JkAutoAlias /export/home/host.company.com > SSLEngine On > SSLCertificateFile /usr/local/XXX/certs/host.company.com.cert > SSLCertificateKeyFile /usr/local/XXX/keys/host.company.com.com.key > SSLCipherSuite > ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL > > Alias /pfctestssl "/web/htdocs/host.company.com/ssl" > > JkMount /pfctestssl/*.jsp ajp13 > JkMount /pfctestssl/* ajp13 > JkMount /pfctestssl/*.do ajp13 > JkMount /pfctestssl/manager ajp13 > JkMount /pfctestssl/manager/* ajp13 > > JkMount /pfctestssl/*/*.jsp ajp13 > JkMount /pfctestssl/*/* ajp13 > JkMount /pfctestssl/*/*.do ajp13 > JkMount /pfctestssl/*/manager ajp13 > JkMount /pfctestssl/*/manager/* ajp13 > > <Location "/pfctestssl/WEB-INF/"> > </Location> > > <Location "/pfctestssl/WEB-INF/"> > AllowOverride None > Deny from all > </Location> > ErrorLog /web/logs/host.company.com/ssl_error_log > CustomLog /web/logs/host.company.com/ssl_access_log combined > TransferLog /web/logs/host.company.com/ssl_transfer_log > </VirtualHost> > ############################################################### > # (END) Definition of SSL host.company.com virtual host # > # ############################################################## > </IfDefine> > > -------------------------------------------------------------- > -------------- > ------------------- > I believe this to be a problem with jk_mod not understanding > what to do > with the requests for these pages. I even tried to tell it > to pass such > requests by adding wildcards for the subdirectories under the ssl > directory, but it did not work. Any help on this issue would > be highly > appreciated. BTW, all other configuration bits seem to work. This was > actually working prior to us getting Tomcat talking to a database > server, but this would be extremely weird if it prevents mod_jk from > talking SSL. That is why I am not including any other configuration > files here. If need be, I will post any additional information that > people may want to take a look at. > > Thanks, > > -- Gustavo Vegas. > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
