Apache using SSL in front of multiple tomcats.

ronatartifact Sun, 21 May 2006 22:08:29 -0700

We have a production setup with a few servers running Tomcat and/or Jboss.
We are building a test/demo system with one server having all of these
functions on a single server.
The various Tomcats are listening on different AJP ports.
We want to use Apache as an SSL proxy to front-end all of these Tomcats 
We also want Apache to serve the static pages itself from static.x.com.
Each service has its own host name but they all share the same IP address.


I have 2 problems:

1) The tomcat proxies seem to be working but the static.x.com references are
also going to tomcat.
2) For one of the tomcat applications, the browser displays the page
correctly when the browser connects directly to the https port in Tomcat but
when connected through Apache, the html is treated like text by both IE and
Firefox so that you see the html tags. Any ideas abou what is missing here?

Below is the configuration file. Has anyone done anything like this with
multiple Tomcats befind Apache with SSL?



Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog  builtin


SSLSessionCache        shmcb:logs/ssl_scache(512000)
SSLSessionCacheTimeout  300

NameVirtualHost *:443

<VirtualHost *:443>
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/star_x_com.crt
SSLCertificateKeyFile conf/server.key
SSLCACertificatePath conf/ssl.crt

#### Not Working - Gets proxied to tomcat
ServerName static.x.com:443

<Directory "H:/apps/apache2/htdocs">
    Options Indexes FollowSymLinks
    Order allow,deny
    Allow from all
</Directory>
DocumentRoot "h:/apps/Apache2/htdocs"
ServerAdmin [EMAIL PROTECTED]
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log


CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\"
%b"

######

ServerName welcome.x.com:443

ServerAdmin [EMAIL PROTECTED]
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log

ProxyPreserveHost on
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\"
%b"

ServerName tunneller.x.com:443

ServerAdmin [EMAIL PROTECTED]
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log

ProxyPreserveHost on
ProxyPass / ajp://localhost:7009/
ProxyPassReverse / ajp://localhost:7009/
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\"
%b"

ServerName dispatcher.x.com:443

ServerAdmin [EMAIL PROTECTED]
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log

ProxyPreserveHost on
ProxyPass / ajp://localhost:8010/
ProxyPassReverse / ajp://localhost:8010/
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\"
%b"

ServerName admin.x.com:443

ServerAdmin [EMAIL PROTECTED]
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log

ProxyPreserveHost on
ProxyPass / ajp://localhost:7010/
ProxyPassReverse / ajp://localhost:7010/
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\"
%b"


</VirtualHost>                                  

--
View this message in context: 
http://www.nabble.com/Apache+using+SSL+in+front+of+multiple+tomcats.-t1661028.html#a4500132
Sent from the Tomcat - User forum at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Apache using SSL in front of multiple tomcats.

Reply via email to