Thanks.
Could you please tell me or direct me to some resource that indicates
how to have Apache handle SSL? Would there be separate SSL definitions
for each virtual host? or just one for all virtual hosts?
Appreciate all the help I am getting here...
Martin Gainty wrote:
Follow up on Bill's advice to use jsvc as Tomcat launcher and then
front-ending with Apache to handle the SSL
If you are using jsvc I would setup the CLASSPATH following advice by
David Erickson at
http://marc.theaimsgroup.com/?l=tomcat-user&m=108578233003073&w=2
he discovers that tools/commons-daemon/bootsrap is the correct config
which is defined here
CLASSPATH=$CLASSPATH:\
> $JAVA_HOME/lib/tools.jar:\
> $DAEMON_HOME/dist/commons-daemon.jar:\
> $CATALINA_HOME/bin/bootstrap.jar:\
> $CATALINA_HOME/common/lib/log4j-1.2.8.jar:\
> $CATALINA_HOME/common/classes
Bon Chance,
Martin --
This email message and any files transmitted with it contain confidential
information intended only for the person(s) to whom this email message is
addressed. If you have received this email message in error, please
notify
the sender immediately by telephone or email and destroy the original
message without making a copy. Thank you.
----- Original Message ----- From: "Bill Barker" <[EMAIL PROTECTED]>
To: <users@tomcat.apache.org>
Sent: Saturday, May 27, 2006 9:06 PM
Subject: Re: SSL with Tomcat and Apache..IE problems
"Rizwan Merchant" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Thanks Bill,
Can I change the redirect port in server.xml from 8443 to 443?
Currently, we are running tomcat as non-root user (tomcat user).
Will we need to change this as well?
Well, since you are fronting with Apache, you could setup Apache to
handle the SSL requests on 443 (probably easiest). Then you just
configure that VirtualHost to forward all to Tomcat.
Baring that, you can use the 'jsvc' program from commons-daemon
(which is bundled in a tarball with the Tomcat distro) to allow
Tomcat to bind to 443 as root, and then switch to a non-privileged
user to handle requests.
Bill Barker wrote:
"Rizwan Merchant" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
We are running tomcat 5.5.16 on Fedora Core 4 OS. We just
installed apache2.0 as a front to serve the pages using the mod_jk
connector. There are 2 apps on tomcat (virtual hosting), one of
which needs to be SSL enabled (lets say app1 and app2, app2 is the
one that needs to be SSL enabled).
Everything seems to be working fine on FireFox, both apps can be
accessed fine. When we access www.app1.com pages are served as
expected, and when we access www.app2.com the browser detects the
certificate and switches to https
But things are not well when it comes to IE. www.app1.com works
the same as FF, and the app can be accessed. But when we try to
access www.app2.com, IE shows the certificate and asks if we would
like to proceed. When we click on 'Yes', the browser cannot find
the app after that and returns "Page cannot be displayed error".
Also, directly accessing the https site by using the URL
https://www.app2.com:8443 works fine on IE as well.
so its basically the switching from http to https for app2 that
doesnt seem to work.
This used to pop up all the time when more people were using TC 4
:). What it happining is that IE gets confused easily when you
redirect to to a non-default SSL port. This is especially true if
the next page that you hit also does a redirect.
The solution is to use the default SSL port of 443 (either that, or
don't use IE ;-).
I dont understand why this works on FF but not on IE..!
I hope someone can shed some light on this. I can post the
httpd.conf , server.xml and workers.properties files if that helps..
Thanks,
-Riz.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]