Am 16. Juni 2015 20:10:52 MESZ, schrieb "Cohen, Laurence" <lco...@novetta.com>: >Yeah, I'm going to have to figure this out. If I paste the text in the >email it will be very long.
Maybe you could look for the changes yourself (diff might be your friend) and just paste the things that are different. In the SuSE package is a perl script, which claims to do the conversion from mod_ssl to mod_nss. You could try that on your original config files. By the way. It is considered bad style to top post in replies. Regards, Felix > >On Tue, Jun 16, 2015 at 2:00 PM, Felix Schumacher < >felix.schumac...@internetallee.de> wrote: > >> >> >> Am 16. Juni 2015 19:54:40 MESZ, schrieb "Cohen, Laurence" < >> lco...@novetta.com>: >> >On the old instance, represented in these files by prodweb01, >ssl.conf >> >and >> >rewrite.conf were included from httpd.conf >> > >> >On the new instance represented by testweb01, nss.conf and >rewrite.conf >> >are >> >included from httpd.conf, and ssl.conf is no longer used. You'll >see >> >that >> >there was an attempt to move all of the RewriteRules from the >ssl.conf >> >in >> >the old instance to ProxyPass statements in nss.conf. I'm assuming >you >> >are >> >correct that something is not correct with these rules. >> >> Did you attach files to your mail? The mailing list strips most >> attachments. You might be lucky attaching text files. >> >> Or you could strip out any comments and paste them inline. Our you >put >> them somewhere else and send a link to the files. >> >> Regards, >> Felix >> >> > >> >Thanks, >> > >> >Larry Cohen >> > >> >On Tue, Jun 16, 2015 at 1:36 PM, Cohen, Laurence ><lco...@novetta.com> >> >wrote: >> > >> >> I am most definitely confused. :-) >> >> >> >> I'm gathering and sanitizing configuration files now. >> >> >> >> Thanks, >> >> >> >> Larry >> >> >> >> On Tue, Jun 16, 2015 at 1:26 PM, Christopher Schultz < >> >> ch...@christopherschultz.net> wrote: >> >> >> >>> -----BEGIN PGP SIGNED MESSAGE----- >> >>> Hash: SHA256 >> >>> >> >>> Laurence, >> >>> >> >>> On 6/16/15 1:02 PM, Cohen, Laurence wrote: >> >>> > Thanks for everyone's response. to Andre' Warnier, yes. There >> >are >> >>> > many ProxyPass statements in nss.conf on the Apache webserver. >> >>> > They appear to have taken the place of redirect statements in >> >>> > ssl.conf, which is no longer in use. >> >>> >> >>> I think you may be confused. mod_nss looks like a replacement for >> >>> mod_ssl, which means it's only being used for connections coming >> >>> *into* the Apache httpd process -- probably from clients. >> >>> >> >>> Yes, mod_ssl is also used to handle HTTPS going *out* through >> >>> mod_proxy, but you say that's working, right? >> >>> >> >>> mod_ssl doesn't have any "redirect" configuration. If you had >> >>> "Redirect [something]" then it was using mod_alias, and that has >> >>> nothing to do with either mod_nss (nee mod_ssl) or whatever >module >> >you >> >>> are using to proxy from httpd to Tomcat (probably >mod_proxy_http). >> >>> >> >>> > Your configuration assumption is correct, except that the users >> >>> > will connect to the webserver on port 80 and port 443, and it >is >> >>> > invisible to them where they are going on the app server. >> >>> >> >>> Assuming that mod_nss can service mod_proxy_http just as mod_ssl >was >> >>> able to in the past, then you should have to change nothing in >your >> >>> configuration. >> >>> >> >>> My guess is that your ProxyPass directives for the :80 >VirtualHost >> >>> were somehow damaged in the switch-over. >> >>> >> >>> Can you show us the :443 configuration versus the :80 >configuration >> >in >> >>> terms of ProxyPass and ProxyPassReverse directives? >> >>> >> >>> - -chris >> >>> -----BEGIN PGP SIGNATURE----- >> >>> Comment: GPGTools - http://gpgtools.org >> >>> >> >>> iQIcBAEBCAAGBQJVgFwtAAoJEBzwKT+lPKRYuU8P/Ao9G5qfkl3b/vWgG4rP2ooW >> >>> 4rN+I7L7p3aNGp5GXylfPh04B7R3+Lc0OS82lZvRlDP0UWCEBChA4j+JIBddIqXG >> >>> exiOHS7lZLEpduZuWr0cK3/DpcA1KcF9xQYjji2SdxfyiYiZPY7WepXd/Fm6gs0a >> >>> rp7f8WpGl5onhDRz0KKGmZK0YJbhMr8JwlrdeKolUlpeG8s9pmFiccQgN+QVhmJL >> >>> yv6sGcrxoBBZAnG+1MbUzHAh2SXvjaBVXessf5L/w8ttCXWb3a6KcuZp+RJwTLZ9 >> >>> FYO+DPlfGIP5FM9+8YL8CtF39D0SGM+4Uz93hHJr37eVVRmSxVj7zDgnT3OdGfe1 >> >>> zjanRi4abrrMeXWQG1KsUgqS8u5iq/+FC9s6+i5iSt6cRRQQHwWH5337U85s3SPB >> >>> +XrjXdbLpdTe6pZz2AJ9htXOwO/o0b0sO7vVls9r4F7gSPbnnETyk/jWjcVbRClb >> >>> zPPR2rF4/XNDy3mCmid2dMoIpk2IrTxTt1tP9gPf0ZNl0JFeWSZrpY8EJhd5lyZs >> >>> CGJDKBph3BLgfmHV5yj/lZXwqW63RTuWluVfliVnDo7LEkTMa424yTaF68XBpRWL >> >>> mic2/HKVvrqn9CypeOhrJ9SmDer/xJ8lZWUP5DMijuYJaTbgDcCQEIcj2pVBR5O/ >> >>> RpQ2KXVnBjLHYdoFGpSD >> >>> =YmrV >> >>> -----END PGP SIGNATURE----- >> >>> >> >>> >> >>--------------------------------------------------------------------- >> >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> >>> For additional commands, e-mail: users-h...@tomcat.apache.org >> >>> >> >>> >> >> >> > >> > >> >>------------------------------------------------------------------------ >> > >> > >> >>--------------------------------------------------------------------- >> >To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> >For additional commands, e-mail: users-h...@tomcat.apache.org >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
