Here is the situation:
We have an existing Amazon EC2 instance, running Amazon Linux 2, with an
Apache httpd server already running our web sites (for argument's sake,
"foo.com," "bar.com," and "baz.com."), and already getting its certs
from Let's Encrypt, using "foo.com" as the CN, with "www.foo.com,"
"bar.com," "www.bar.com," "baz.com," and "www.baz.com" as SANs. And it
seems to be working quite nicely.
Now, we want to add a Tomcat server, which would then serve several
webapp contexts at "qux.baz.com," and maybe also "corge.baz.com,"
running behind the httpd server (which is something I've never done
before; I've always set up Tomcat directly facing the outside world, so
with this, I frankly haven't a clue what I'm doing).
First of all, which is currently considered the easier/better way to get
Tomcat running behind httpd, given the above scenario? "mod_proxy," or
"mod_jk?" Or is there something else I haven't heard of?
Second of all, I found this step-by-step procedure.
https://preview.tinyurl.com/vwnutqj
Is it any good?
Third, am I correct in assuming that all we need to do in order for the
existing Let's Encrypt setup to cover the new "qux" and "corge"
subdomains is to add them to the SANs already listed?
Finally, are there any "gotchas" I need to be concerned with?
--
James H. H. Lampert
Touchtone Corporation
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org