-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tezza,
On 10/19/2009 12:16 PM, Tezza wrote:
> Is this correct, what I have? that SSL need to be on Apache AND each
> Tomcat???
If you are always using HTTPS through Apache httpd, then you don't need
to configure it at all in Tomcat.
> Tomcat's server.xml
> -------------------
> <Connector port="8080" address="${jboss.bind.address}"
> protocol="HTTP/1.1"
If you always use HTTPS, and you always use Apache httpd, you can remove
this <Connector> entirely from server.xml.
> <Connector address="${jboss.bind.address}"
> SSLEnabled="true"
> protocol="HTTP/1.1"
Same here: remove it if you are doing all your SSL through httpd.
> SSLPassword="xxxxxxxxxxx"
> SSLCertificateFile="X:/key/star_my_cert.crt"
> SSLCertificateKeyFile="X:/key/my_key.key"
> SSLCertificateChainFile="X:/key/digi.crt"
Once you remove your HTTPS configuration from Tomcat, you won't have to
provide any certificate information to Tomcat (unless you want to use
client certificates and validate them on the Tomcat side).
> <Connector port="8009" address="${jboss.bind.address}"
> protocol="AJP/1.3"
This is the only <Connector> you need: AJP.
Hope that helps,
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkrcvGIACgkQ9CaO5/Lv0PDMlgCeMIjMknilkKra2E8bfhmGI8aQ
z2UAoKvfRAZrlI/lDwSPCA1G709FhDpS
=+zN4
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
