>
> And your SSLOptions are what exactly?
>
> Also Tomcat and mod_jk version info might be relevant.
>
oadModule jk_module modules/mod_jk.so
LoadFile "/home/sys/ssl-poc/webgate/access/oblix/lib/libgcc_s.so.1"
LoadFile "/home/sys/ssl-poc/webgate/access/oblix/lib/libstdc++.so.5"
SSLOptions +StdEnvVars
SSLOptions +ExportCertData
JkWorkerProperty worker.list=worker1
JkWorkerProperty worker.worker1.type=ajp13
JkWorkerProperty worker.worker1.host=localhost
JkWorkerProperty worker.worker1.port=8009
JkShmFile /home/sys/ssl-poc/httpd/logs/mod_jk.shm
JkLogFile /home/sys/ssl-poc/httpd/logs/mod_jk.log
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkExtractSSL On
<VirtualHost _default_:9443>
WebGateMode PEER
<Location /access/oblix/apps/webgate/bin/webgate.cgi>
SetHandler obwebgateerr
</Location>
<Location "/oberr.cgi">
SetHandler obwebgateerr
</Location>
# General setup for the virtual host
DocumentRoot "/home/sys/ssl-poc/httpd/htdocs"
ServerName ws.server.net:9443
ErrorLog "/home/sys/ssl-poc/httpd/logs/error_ws_log"
TransferLog "/home/sys/ssl-poc/httpd/logs/access_ws_log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/home/sys/ssl-poc/httpd/conf/server-ws.crt"
SSLCertificateKeyFile "/home/sys/ssl-poc/httpd/conf/server-ws.key"
#<FilesMatch "\.(cgi|shtml|phtml|php)$">
#
#</FilesMatch>
#<Directory "/home/sys/ssl-poc/httpd/cgi-bin">
#
#</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/home/sys/ssl-poc/httpd/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
<LocationMatch "/app*">
AuthType Oblix
require valid-user
JkMount worker1
</LocationMatch>
</VirtualHost>
Thanks
Marc
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
