Follow up on Bill's advice to use jsvc as Tomcat launcher and then
front-ending with Apache to handle the SSL
If you are using jsvc I would setup the CLASSPATH following advice by David
Erickson at
http://marc.theaimsgroup.com/?l=tomcat-user&m=108578233003073&w=2
he discovers that tools/commons-daemon/bootsrap is the correct config which
is defined here
CLASSPATH=$CLASSPATH:\
> $JAVA_HOME/lib/tools.jar:\
> $DAEMON_HOME/dist/commons-daemon.jar:\
> $CATALINA_HOME/bin/bootstrap.jar:\
> $CATALINA_HOME/common/lib/log4j-1.2.8.jar:\
> $CATALINA_HOME/common/classes
Bon Chance,
Martin --
This email message and any files transmitted with it contain confidential
information intended only for the person(s) to whom this email message is
addressed. If you have received this email message in error, please notify
the sender immediately by telephone or email and destroy the original
message without making a copy. Thank you.
----- Original Message -----
From: "Bill Barker" <[EMAIL PROTECTED]>
To: <users@tomcat.apache.org>
Sent: Saturday, May 27, 2006 9:06 PM
Subject: Re: SSL with Tomcat and Apache..IE problems
"Rizwan Merchant" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Thanks Bill,
Can I change the redirect port in server.xml from 8443 to 443?
Currently, we are running tomcat as non-root user (tomcat user). Will we
need to change this as well?
Well, since you are fronting with Apache, you could setup Apache to handle
the SSL requests on 443 (probably easiest). Then you just configure that
VirtualHost to forward all to Tomcat.
Baring that, you can use the 'jsvc' program from commons-daemon (which is
bundled in a tarball with the Tomcat distro) to allow Tomcat to bind to
443 as root, and then switch to a non-privileged user to handle requests.
Bill Barker wrote:
"Rizwan Merchant" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
We are running tomcat 5.5.16 on Fedora Core 4 OS. We just installed
apache2.0 as a front to serve the pages using the mod_jk connector.
There are 2 apps on tomcat (virtual hosting), one of which needs to be
SSL enabled (lets say app1 and app2, app2 is the one that needs to be
SSL enabled).
Everything seems to be working fine on FireFox, both apps can be
accessed fine. When we access www.app1.com pages are served as
expected, and when we access www.app2.com the browser detects the
certificate and switches to https
But things are not well when it comes to IE. www.app1.com works the
same as FF, and the app can be accessed. But when we try to access
www.app2.com, IE shows the certificate and asks if we would like to
proceed. When we click on 'Yes', the browser cannot find the app after
that and returns "Page cannot be displayed error". Also, directly
accessing the https site by using the URL https://www.app2.com:8443
works fine on IE as well.
so its basically the switching from http to https for app2 that doesnt
seem to work.
This used to pop up all the time when more people were using TC 4 :).
What it happining is that IE gets confused easily when you redirect to
to a non-default SSL port. This is especially true if the next page
that you hit also does a redirect.
The solution is to use the default SSL port of 443 (either that, or
don't use IE ;-).
I dont understand why this works on FF but not on IE..!
I hope someone can shed some light on this. I can post the httpd.conf ,
server.xml and workers.properties files if that helps..
Thanks,
-Riz.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]