> From: mandg [mailto:gsca...@federatedinv.com] > Subject: Is SSL keystore with AJP connector possible?
> I see that the AJP/1.3 connector is configured and not APR. APR will be used automatically for HTTP <Connector>s if the tcnative-1.dll file is found in Tomcat's bin directory and the APR listener is present in server.xml (which it is by default). > I followed the Tomcat instructions for configuring SSL. There are two sets of instructions for configuring SSL; one for APR, another for the pure Java ones. The two configurations are completely different. > can I use a keystore for the AJP type of connector? SSL cannot be configured for AJP, since the expectation is that anything talking to Tomcat via AJP is doing so over a private, secure network. If you are using a front end (e.g., httpd, IIS) communicating via AJP with Tomcat, the SSL termination point would normally be in the front end, not within Tomcat. Read the <Connector> documentation first, then the SSL doc. http://tomcat.apache.org/tomcat-6.0-doc/config/http.html http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org