Thanks for your suggestions. However, I still have the same problem. I removed the NameVirtualHost entry for port 443, removed the port from the ServerName, removed the DocumentRoot and ServerAlias completely, and added the / to both the ProxyPass and ProxyPassReverse entries after removing the Location element (I should mention that I had tried that previously and then changed to the single argument version inside a Location / element as an experiment which, by the way, works fine as long as the connection is via port 80). In fact, several of the things I changed this time around were introduced by my desperation to find some combination that works.
I still get the same problem. If I connect to https: I am immediately redirected to the http: version of the URL. If the port 80 virtual host is set up under Apache HTTPD it processes it and if not, I get an error saying Apache could not find whatever file I'm trying to access. I also want to emphasize that the connection to Apache via SSL is working fine. I see the entries in the log files indicating Apache got the request. I can even see in the Tomcat logs where Apache forwarded the request on the port specified in the ProxyPass directives. But ... I can also see an entry in the Tomcat log where it appears to send a redirect using http: as the scheme. Thus, my conclusion that it is my Tomcat configuration rather than my Apache HTTPD configuration that is the cause of the problem. I have pasted the latest fragments of the Apache HTTPD configuration files below in case I've still missed the point of one or more of your comments. The only change to the Tomcat configuration is the addition of a separate AJP connector specifically for the unsecured connection. Thanks for any additional ideas or input. Apache HTTPD Configuration Fragments ======================================================================== ==== ## ## SSL Virtual Host Context ## <VirtualHost 172.30.90.2:443> # General setup for the virtual host ServerName www.resourcepoint.org ErrorLog logs/resourcepoint-ssl-error_log CustomLog logs/resourcepoint-ssl-access_log common <Directory "E:/Apache2/vhosts/resourcepoint"> ... directory stuff here ... </Directory> ProxyPass / ajp://127.0.0.1:8009/ ProxyPassReverse / ajp://127.0.0.1:8009/ ... SSL stuff here ... </VirtualHost> Just in case it helps, here is the port 80 virtual host configuration which works just fine. # # Use name-based virtual hosting. # NameVirtualHost 172.30.90.2:80 # # VirtualHost # <VirtualHost 172.30.90.2:80> ServerName www.resourcepoint.org:80 DocumentRoot E:\Apache2\vhosts\resourcepoint ServerAlias www.resourcepoint.org:80 ErrorLog logs/resourcepoint-error_log CustomLog logs/resourcepoint-access_log common <Directory "E:/Apache2/vhosts/resourcepoint"> ... directory stuff here ... </Directory> # Note that this approach with single argument # nested in a Location element works just fine # for the non-SSL, port 80 virtual host. <Location / > ProxyPass ajp://127.0.0.1:8010/ ProxyPassReverse ajp://127.0.0.1:8010/ </Location> </VirtualHost> Tomcat Configuration (Server.xml) ====================================================================== <Service name="Catalina"> <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 --> <Connector port="8888" address="127.0.0.1" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" /> <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="8009" address="127.0.0.1" enableLookups="false" protocol="AJP/1.3" secure="true" scheme="https" proxyName="www.resourcepoint.org" proxyPort="443" /> <Connector port="8010" address="127.0.0.1" enableLookups="false" protocol="AJP/1.3" secure="false" scheme="http" proxyName="www.resourcepoint.org" proxyPort="80" /> <!-- Define the top level container in our container hierarchy --> <Engine name="Catalina" defaultHost="www.resourcepoint.org"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase" /> <Host name="localhost" appBase="webapps" /> <Host name="www.resourcepoint.org" appBase="E:\webapps\resourcepoint" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Context path="" docBase="ROOT" debug="1"/> <Logger className="org.apache.catalina.logger.FileLogger"/> </Host> </Engine> -----Original Message----- From: Hassan Schroeder [mailto:[EMAIL PROTECTED] Sent: Monday, February 05, 2007 11:11 AM To: Tomcat Users List Subject: Re: AJP Connector - Problems Proxying HTTPS Connections On 2/5/07, Bill Bailey <[EMAIL PROTECTED]> wrote: To start with -- > Apache Virtual Host Configuration Fragment > NameVirtualHost xxx.xx.xx.x:443 NameVirtualHosting and SSL don't go together -- yank that > <VirtualHost xxx.xx.xx.x:443> Put the real IP that belongs to the SSL cert there > ServerName www.resourcepoint.org:443 > > DocumentRoot E:\Apache2\vhosts\resourcepoint > > ServerAlias www.resourcepoint.org:443 The server name and alias should not have the port # appended In the example, the name and alias are the same, which makes no sense. And if you're proxying everything, you don't need to specify a DocumentRoot. However, > ProxyPass ajp://127.0.0.1:8009/ > ProxyPassReverse ajp://127.0.0.1:8009/ that's wrong -- those two directives take two arguments, e.g ProxyPass / ajp://127.0.0.1:8009 Fix those, and make sure your config files at least passes the config test ( $APACHE_HOME/bin/apachectl -t ) HTH! -- Hassan Schroeder ------------------------ [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]