-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 André,
On 12/20/13, 4:59 AM, André Warnier wrote: > Maybe : your configuration does not seem to make sense. (or it > works differently from what you think, or we do not understand what > you are telling us) From the history of this thread, it seems so > far that you are reporting an issue that should not be possible > given the other information that you have provided. So you have got > everyone confused. +1 > Maybe some facts first : > > 1) The AJP protocol does NOT support SSL/HTTPS. > > AJP is its own protocol, different from HTTP/HTTPS. It is used > exclusively between a front-end HTTP/HTTPS webserver, and a > back-end Tomcat server. > > It "transports" or "forwards" HTTP/HTTPS requests (including > HTTP/HTTPS headers and SSL-specific information) between the > front-end webserver and the back-end Tomcat, but the format in > which it transports this information is not the same as > HTTP/HTTPS. And it is always unencrypted. +1 Most connectors (mod_jk, mod_proxy_ajp) are capable of transmitting important information about the HTTPS connection to the back-end... specifically, you can get the client certificate chain, key length and cipher, etc. > but, with the information that you have provided so far, it is not > clear to the people on this list which of the above schemas you are > using, or if you are even using one of the above. > > So I believe that you should make that clear first, and after that > maybe someone can help you answer your questions. +1 - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJStKBzAAoJEBzwKT+lPKRYRiIP/0Gri2GHfn9J2z9ItP2fEwkS CQXZRkeGlfrb7YejChWYgescz6rDElW4qi7r/IRxOEhr9p/1toLfcXCFOQv1+nXR CuG3vm7vYjSK3VFVOV257UuhA6SIh5P3+4ceu3FgMrXdO1MpVCNaJgJehVUZCugv M1UggnOkeODmSC6g7XpwuesIvziH8HyzdSzcClTHsRbCvrFxlk59DPUKquqEFjLj mY554nGuNE0FPRsoiQKz9XgioMasp9yAXmKEgXfn7RmCHfbOhiNfycqWJRtYf9XB VWLfjC4QSVIbHxVYzQaqsbsQvCqIb5Z7tAiWFelhiCUA++u/ANz+H+IYUcYIWKAZ 7p1jPRPHrAKqOE/BBk1GSjAcg3vo0dqsJE5AKW15pvreZ6CbxeLi5wlji7PVC+/8 hBIbXBN7TimhvCU8PRbs1xUpLrRWeG2r5b+kATMCZt1oTBPd4XxRG+1StexoUw59 Phc6/UzJhNZQFYqRwzIzDrZOY8Db3K+qNw+3NU5aD6RY16M2In/A77e+MicPjO/4 sUN9AYbtLxbPjgod1OeGzV2yLN6QOVls5s+gPXQGAyP3yD4cOIhWDzUHNaWs4EUR F5Fzis3A/nJALhsNPObb5jWC8DUTkGgqLZWQldXxrYQhXDjxthnyjrbJbohqnOTR GTTfHSVzYQ3KMQJOFKNM =PPMJ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org