Thanks guys .i will take care while posting in future. So far i will go for ssl between browser and httpd only.
On Thu, Nov 10, 2011 at 1:40 PM, chris derham <ch...@derham.me.uk> wrote: > > > > Simple i have setup httpd,modjk,tomcat .i want to enable SSL(i.e i can > > handle everything on https). > > > > If you have httpd sending traffic via mod_jk to tomcat, you are nearly > there. Just configure httpd to listen over ssl. > > > > > > If (instead) you want to encrypt the AJP connection between HTTPD and > > Tomcat, you'll have to use an SSH tunnel because the AJP protocol is not > > encrypted. > > > > Now AJP not support SSL fine. i.e AJP protocol is not > > encrypted. > > i dont want SSH tunnel. > > > > That's fine if you don't want/need a tunnel > > > > > What other approach i can follow now.i mean other way ? > > > > > i am not sure where to configure those mod jk directive and what > > configurations at tomcat side? > > > > I don't think you quite understand how this list works. You need to ask a > specific question, and people will generally try to provide a specific > answer. In your email you say you have httpd/mod_jk/tomcat communicating. > You keep saying that you want to "turn on ssl". As 3 people have already > pointed out, you can have ssl between browser and httpd. You can have ssl > between httpd and tomcat, but you said you don't want that. If you > configure httpd for ssl, then you're probably there. IMO you only to worry > about those mod_jk directives if you need tomcat to know that it is being > handed a connection that has come from an ssl connection. Perhaps explain > why you need this ssl information in your app? Perhaps supply a copy of > web.xml with the security constraints? > > In short help us help you - > http://www.catb.org/~esr/faqs/smart-questions.html > > Chris >
