> > Simple i have setup httpd,modjk,tomcat .i want to enable SSL(i.e i can > handle everything on https). >
If you have httpd sending traffic via mod_jk to tomcat, you are nearly there. Just configure httpd to listen over ssl. > > > If (instead) you want to encrypt the AJP connection between HTTPD and > Tomcat, you'll have to use an SSH tunnel because the AJP protocol is not > encrypted. > > Now AJP not support SSL fine. i.e AJP protocol is not > encrypted. > i dont want SSH tunnel. > That's fine if you don't want/need a tunnel > > What other approach i can follow now.i mean other way ? > > i am not sure where to configure those mod jk directive and what > configurations at tomcat side? > I don't think you quite understand how this list works. You need to ask a specific question, and people will generally try to provide a specific answer. In your email you say you have httpd/mod_jk/tomcat communicating. You keep saying that you want to "turn on ssl". As 3 people have already pointed out, you can have ssl between browser and httpd. You can have ssl between httpd and tomcat, but you said you don't want that. If you configure httpd for ssl, then you're probably there. IMO you only to worry about those mod_jk directives if you need tomcat to know that it is being handed a connection that has come from an ssl connection. Perhaps explain why you need this ssl information in your app? Perhaps supply a copy of web.xml with the security constraints? In short help us help you - http://www.catb.org/~esr/faqs/smart-questions.html Chris
