What group is responsible for the Tomcat AJP protocol? Is there a way to request a feature to add SSL encryption to the protocol?
Thanks, Lance Campbell Software Architect/DBA/Project Manager Web Services at Public Affairs 217-333-0382 -----Original Message----- From: André Warnier [mailto:a...@ice-sa.com] Sent: Tuesday, March 16, 2010 4:08 PM To: Tomcat Users List Subject: Re: mod_jk - apache to tomcat using SSL Campbell, Lance wrote: > I have a web server and an application server. I use mod_jk to > communicate between apache2.0 and tomcat 6. I don't believe the > communication between apache and tomcat is secured by default. Is there > a way to have it send the information in a secure way. > Taking your question strictly as phrased, I don't think so, because the mod_jk/Tomcat AJP protocol is not encrypted. If you really needed to do this, you could use an SSH tunnel however. If you really needed to and the physical constraints allow it, you could also link your Apache with the back-end Tomcat with a dedicated LAN, and avoid the overhead of SSL. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
