Sorry. Yes they are https, not https just me mis-typing. The email client was seeing all of those as links and the apache listserv bounced my original email as spam. So I added the spaces to get it to go thru. They are not in the conf files.
Yes general message in IE, I will try it in firefox and others and see what I get. Really not getting anything in the error log, first place I looked. Thanks On Fri, Oct 1, 2010 at 3:44 AM, Rainer Jung <rainer.j...@kippdata.de> wrote: > On 30.09.2010 22:29, Mike Rea wrote: > >> I am running a Win2003 server using Apache2.2 to basically just proxy to >> Tomcat6 with SSL. >> >> I had tried running just tomcat6 but from everything that I read it was >> better for SSL traffic to proxy using Apache, so that is what i did. >> >> Right now I am just pointing it to the Tomcat default page, that is easy >> enough to change later. >> >> Here is where I am at. >> >> 1. On the server if I go to http: //localhost: it brings up the page fine. >> 2. On the server https: //localhost also brings up the page fine. Of >> course I do get a certificate error because the SSL cert is for my >> domain. But it does work and the samples run fine. >> >> 3. From either the server or another PC, if I goto http: //my. >> domain.com <http://domain.com> it works fine and brings up the Tomcat >> >> default page. >> 4. From either place going to https the browser says waiting and >> eventually returns an error. >> >> In my httpd.conf file I have: >> >> Listen 80 >> Listen 443 >> The mod_proxy 's, mod_ssl & mod_vhost_alias are all turned on. >> >> >> >> In my httpd-vhosts.conf file here is what I have: >> >> NameVirtualHost *:80 (although on this try it isn't named, shows error >> in the logs but doesnt seem to hurt anything) >> NameVirtualHost *:443 >> <IfModule ssl_module> >> SSLRandomSeed startup builtin >> SSLRandomSeed connect builtin >> </IfModule> >> ProxyPass / http: //localhost:8080/ >> ProxyPassReverse / http: //localhost:8080/ >> <VirtualHost *:443> >> SSLEngine On >> SSLProxyEngine on >> SSLCertificateFile conf/ssl/certname.cer >> SSLCertificateKeyFile conf/ssl/keyname.key >> > > I assume you have a more complete SSL config included, like setting the > cipher suite and enabling SSL session handling. See the default > configuration provided with the Apache web server. > > > ProxyPass / httpa: //localhost:8443/ >> ProxyPassReverse / httpa: //localhost:8443/ >> > > httpa does not exist, and the space between the scheme and the rest of the > URL won't be good either. What do you really have in your config here? > > If you only want Tomcat to do http and the Apache reverse proxy should do > the full https, then use again > > > ProxyPass / http: //localhost:8080/ > ProxyPassReverse / http: //localhost:8080/ > > ErrorLog "logs/mydomain.com-error.log" >> CustomLog "logs/mydomain.com-access.log" common >> </VirtualHost> >> >> >> I have tried several different rewrites on this and just not getting it >> to work. >> I did put the port 80 => 8080 pass in a VirtualHost tag, it works fine >> on http: //localhost but when using https it gives some bogus message >> of the server being too busy. >> I took the 443 =>8443 directives out of the VirtualHost tag and that >> works fine on http: //localhost but when using https it goes to the >> Apache default page. >> No matter what I do, I still get an error from http: //my. domain.com >> <http://domain.com> while http: //my. domain.com <http://domain.com> >> >> runs fine. >> >> Any ideas? I am definately not an expert with Apache setup. I am more >> a DB & ERP system guy who has been writting more and more jsp apps. >> Now I have one that I need to secure and having one heck of a time doing >> it. >> (Sorry for the spaces. e-mail was seeing them as URLs and the listserv >> SPAM filter was blocking the email) >> Thanks in advance for any help. >> Mike >> > > If it still doesn't work: > > What error message do you get in the client? If it is the general error > message provided by Microsoft Internet Explorer, use some other browser to > see the full error message. > > Is there any message in the error log of Apache? > > Regards, > > Rainer > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Michael Rea mike.a....@gmail.com Cell: 330-402-2280 -------------------------------- www.theusergroup.org Enspire ERP users resource with forums, issue lists, white papers and more.
