>> I'm not using Named-Based Virtual Hosts
>> Yes, you are. :)
I didn't think I was. How do you figure?
> I do, there are two different applications in the box that use two
> different Tomcat instances running in different ports and I use Apache
> to proxy to each app while using one common SSL config
>> Understood. If you have two different applications on two Tomcat instances,
>> is that why the port numbers don't match above?
Yes, sorry I posted the wrong config. So, it looks like I figured it out.
Apparently, Apache 2.4 has a problem using a combination of both AJP and HTTP
proxy statements in the same config (Apache 2.2 worked fine), so I ended up
setting the following:
Tomcat Instance 1 server.xml file:
<Server port="8006" shutdown="SHUTDOWN">
<Connector port="8888" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
Tomcat Instance 2 server.xml file:
<Server port="8005" shutdown="SHUTDOWN">
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8444" />
<Connector port="8010" protocol="AJP/1.3" redirectPort="8444" />
And in Apache config file I set the following:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ProxyRequests Off
SSLEngine on
SSLCertificateFile ......cer
SSLCertificateKeyFile ......key
SSLCertificateChainFile .........chain.cer
SSLProtocol -all +TLSv1.2
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
#Tomcat 1
ProxyPass /admin ajp://localhost:8009/app1
ProxyPassReverse /admin ajp://localhost:8009/app1
#Tomcat 2
ProxyPass /ciphermail ajp://localhost:8010/app2
ProxyPassReverse /ciphermail ajp://localhost:8010/app2
ProxyTimeout 3600
........
</VirtualHost>
</IfModule>
This seems to work. Do you see a problem with the above?
Thanks
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
