Re: ssl on tomcat

Wed, 04 Dec 2013 10:31:20 -0800 

Chris,
Yes. I have so many http links as  some of our old submitted apps used non
secured http links. as the apps are in use we cannot change it. I cannot
use any redirect rules to convert all the http to https because of that.

We use struts for framework. And normal jsp pages. I'm not a developer so
cant say much about it.

This is in my server.xml
 <Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
   <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />


[root@server conf.d]# cat mod_jk.conf
# Where to find workers.properties
JkWorkersFile /etc/httpd/conf.d/workers.properties
# Where to put jk logs
JkLogFile /var/log/httpd/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"
# Send servlet for context /examples to worker named worker1
#JkMount /examples worker1
# Send JSPs for context /examples/* to worker named worker1
JkMount /* worker1
JkShmFile  /etc/httpd/logs/jk-runtime-status

[root@server conf.d]# cat /etc/httpd/conf.d/workers.properties
#workers.tomcat_home=/usr/tomcat/apache-tomcat-6.0.26
#workers.tomcat_home=/usr/share/tomcat5
workers.tomcat_home=/usr/share/apache-tomcat-6.0.37/
workers.java_home=/usr/java/default
ps=/
worker.list=worker1
worker.default.port=8009
worker.default.host=localhost
worker.default.type=ajp13
#worker.default.lbfactor=1

Let me know if there is anything else i need to provide

Thanks.



On Wed, Dec 4, 2013 at 11:18 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Randeep,
>
> On 12/4/13, 12:22 PM, Randeep wrote:
> > I'm using apacche 2.2 as front end and apache tomcat 6.0.37 as
> > backend. I'm using mod_jk for connecting them.
> >
> > The problem is. I'm using ssl certificates. I'v configured ssl on
> > apache. when I connect the site with https. it works. but when I
> > click on an link it goes. I mean its not secure browsing anymore.
>
> Do you mean that links on your https:// pages are http:// (i.e.
> non-secure) links?
>
> What does the code look like that produced your pages (e.g. static
> file, JSP, or servlet)?
>
> > My requirement is as follows.
> >
> > If user connects as https all the links should work as https. If
> > the user connects as http all the links should work as http. is
> > such thing is possible?
>
> Absolutely. You just need to supply more information.
>
> Give us the following and we can help:
>
> 1. <Connector> configuration for all connectors. Remember to remove
> any sensitive information you may have in that configuration.
>
> 2. Explain how your webapp produces link URLs. An example would be great.
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.15 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBCAAGBQJSn2rmAAoJEBzwKT+lPKRYejMP+wcKlv7ap7c2D4gU/tO2jEru
> 7hRmaJO9wYHaM6WGCPA4tRzqEwBw3vrUBLIu7roGSqLiqecK/uDxa0IqEFi9uvEc
> N4ba9BA+khHftEw5xPaSmZjtsQ/al0eTpaej6s4FgTS7EOUxK1yvAz84aZZlA3aA
> ArAjz9VhNZZ49/KWjYEHSdL59bOvwn9uvnKUxTRIrrJoj1LKj26R85OPV6nnPDPT
> y7Vo8XsCSxnqPTTkOW4goNrIP4LjyuKES1HjtWIolbCOLYBSVUaaTr1NXZcB6eX/
> UKvb0uDTYxyLXgrGwJbE2XK/oZUsbr9lMIy65o3acrTyuBR4JBx4bL0HMTbpvZz9
> dOPmQPaxpJ0uIttfnlk1rshCO8mfMhWv6L1yzuPOZy42KObwYmvV1PA2jZy7V6wR
> 3bv6T5lrDAJmU5kl1U67jcGLYGxjFGu8jHtsp56eP3ACV6ZbliVOmDK52mvuzBJr
> TYal0brQZnIzrmUeP3By07y+rDJnHOwihNwRT+dOOUH1mwA4zXzTe6+rm41G7tbX
> 7hDG4YNqBuxahqqdBBXZQnsPRa511o+IVlWS82IO0r08Yfk2Ki459Guv4qCkMg+y
> QfWK/WeszLURnURaNUubkhWARUBkEds+ghh/wMAAVJ3wcbD74hjMhoah1y2vcOcQ
> q/4Ny9yxlarj99aJ1wSe
> =rdj7
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>


-- 
Randeep
Mob: +919447831699[kerala]
Mob: +919880050349[B'lore]
I blog here:
http://www.randeeppr.me/
Follow me Here:
http://twitter.com/Randeeppr
Poke me here!
http://www.facebook.com/Randeeppr
A little Linux Help
http://www.linuxhelp.in/
Work profile:
http://in.linkedin.com/in/randeeppr

Reply via email to