On 19/05/2022 01:32, Brian Eller wrote:
TRADING PARTNER

Hello,

                 I am working on a Tomcat install embedded inside a vendor 
product that uses Apache to pass traffic to Tomcat.  My cyber security group is 
asking if we can encrypt all connections.  Does the mod_jk protocol, AJP can be 
encrypted?

No, AJP does not support encryption.

If you want to encrypt traffic between the reverse proxy and the embedded Tomcat instance I'd recommend using mod_proxy_http and proxy everything over HTTPS. This requires a little more configuration to get things working.

The main thing to keep in mind is to make sure that the Tomcat instance correctly identifies whether the client connection to the reverse proxy was over HTTP or HTTPS.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to