On 25/11/2009 10:18, jkv wrote:
Thanks Peter,
That really helps me a lot.
I have one small doubt about the last point you made.
In this environment, you only want your "public" certificate on httpd.
Tomcat will not be doing anything that uses it, so don't put a copy
on those machines.
This means that I will not enable SSL in my Tomcat. I will comment out the
<!--<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
....> -->
tag totally in the server.xml file in Tomcat and have just one connector
element, i.e.,
<Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
I think I will have to remove the redirectPort="443" attribute also, as it's
being handled for me by Apache?
The redirectPort setting should stay, but HTTPD will still handle the
connection. (If you remove the setting it'll probably just default to
443 anyway.)
It is used by Tomcat when a web.xml contains a <transport-guarantee>
set to CONFIDENTIAL, to redirect & upgrade the connection.
p
Thanks for the reply, that really helped a lot, and we can also conclude we
cannot have secure horizontal load balancing with Apache and Tomcat!
Regards
JKV
Peter Crowther wrote:
2009/11/25 jkv <j.kumara...@gmail.com>:
We are using Tomcat 6.0 and running HTTPS (SSL enabled). The number of
requests has grown and we have decided to go for clustering and
load balancing. We have decided to go for Apache and mod_proxy/mod_jk
load balancing. My certificate resides in Tomcat.
In order to load balance HTTPS requests using Apache and mod_proxy/mod_jk,
should I configure Apache to handle HTTPS and tell it about my certificate
details?
Yes. Apache has to terminate the SSL connection when you're load
balancing.
While load balancing, I understand that the HTTP/HTTPS request to Apache is
converted to AJP and tunneled to Tomcat, so is the AJP protocol secure?
Should I enable SSL in Tomcat to handle this request?
The AJP protocol is not secure. It is only used between httpd and
Tomcat. You should perform some suitable threat modelling of your
system. If you think the threat from an attacker being able to sniff
packets on the path between httpd and Tomcat is sufficiently low,
leave it unencrypted. If you think the threat is too high, encrypt it
using some kind of secure tunnel between httpd and Tomcat, such as a
VPN connection.
My guess is that if someone's able to sniff packets on the link
between httpd and Tomcat, you already have a big security issue.
Should I have two copies of my certificate files if Apache and Tomcat reside
on two different physical machines (horizontal clustering)?
In this environment, you only want your "public" certificate on httpd.
Tomcat will not be doing anything that uses it, so don't put a copy
on those machines.
Hope this helps,
- Peter
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
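For reference, here is a minimal httpd configuration for the setup Peter describes: TLS terminated in httpd, with mod_proxy_ajp balancing over AJP to two Tomcat instances. This is an added illustration, not configuration from the thread; hostnames, addresses, certificate paths and route names are placeholders, and mod_ssl, mod_proxy, mod_proxy_ajp and mod_proxy_balancer are assumed to be loaded.

```apache
# Added illustration (not from the thread). Each Tomcat runs only the AJP
# connector quoted above (port 8009, redirectPort 443) and its <Engine> has a
# jvmRoute equal to the route= value on its BalancerMember below.

# Plain HTTP exists only to send clients to HTTPS; nothing is proxied here,
# so Tomcat's redirectPort is rarely reached in practice.
<VirtualHost *:80>
    ServerName www.example.com
    Redirect permanent / https://www.example.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName www.example.com

    # The certificate and private key live on httpd only; the Tomcat
    # machines never need a copy of either.
    SSLEngine on
    SSLCertificateFile      /etc/httpd/ssl/www.example.com.crt
    SSLCertificateKeyFile   /etc/httpd/ssl/www.example.com.key
    SSLCertificateChainFile /etc/httpd/ssl/chain.pem

    # Two Tomcat workers on a private network. AJP is cleartext, so port
    # 8009 should be reachable only from this host (firewall or Connector
    # address binding). Sticky sessions key on the jvmRoute suffix Tomcat
    # appends to JSESSIONID.
    <Proxy balancer://tomcat>
        BalancerMember ajp://10.0.1.11:8009 route=tomcat1
        BalancerMember ajp://10.0.1.12:8009 route=tomcat2
        ProxySet stickysession=JSESSIONID|jsessionid lbmethod=byrequests
    </Proxy>

    # The AJP request carries an is_ssl flag derived from this TLS vhost, so
    # Tomcat reports the request as secure and a CONFIDENTIAL
    # <transport-guarantee> is satisfied without redirecting (no loop).
    ProxyPass        / balancer://tomcat/
    ProxyPassReverse / balancer://tomcat/
</VirtualHost>
```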