We have a setup where we use apache web server to respond to secure (https)
web pages/services on server 1. For one particular service, we need to forward
the request to another server 2 on which we have tomcat running.
We have done this in order to maintain the URL scheme. Also we want to resolve
the ssl on server 1 since all other services get resolved there and we don't
want to deal with ssl on the tomcat server for that one service. So for that
one service we want to set up apache as a proxy to the tomcat server.

We took guidance from this blog in setting up our servers:
http://pwu-developer.blogspot.in/2011/04/securing-tomcat-with-apache-web-server.html

Here is our set up:


On server 1 with Apache:

The following directives have been enabled in the httpd.conf file.
 
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
 
Further, the following two lines were added in the httpd.conf file:

ProxyRequests Off
ProxyPreserveHost on

Next, we have the following lines in ssl.conf:
 
Listen 443
<VirtualHost _default_:443>
SSLEngine on
SSLProxyEngine on
SSLCertificateFile /etc/pki/tls/certs/your_company_certificate.pem
SSLCertificateKeyFile /etc/pki/tls/certs/your_company_private_key.pem
ServerName my_company_domain_name
ProxyPass /app http://tomcat_server_ip:8443/app
ProxyPassReverse /app http://tomcat_server_ip:8443/app
</VirtualHost>
 
Now in tomcat on server 2, we specified the following inside server.xml:
 
<Connector port="8080" maxHttpHeaderSize="8192" maxThreads="150"
           minSpareThreads="25" maxSpareThreads="75" enableLookups="true"
           redirectPort="443" acceptCount="100" connectionTimeout="20000"
           disableUploadTimeout="true"/>

<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150"
           minSpareThreads="25" maxSpareThreads="75" enableLookups="true"
           acceptCount="100" connectionTimeout="20000"
           disableUploadTimeout="true"
           scheme="https"
           secure="false"
           SSLEnabled="true"
           proxyPort="443"
           proxyName="my_company_domain_name"
     />


All the pages/services on server 1 are working fine.  Only one service which is
supposed to run on server 2 is giving a 503 error.  We think the https handling
between the two servers could be an issue. We repeated the configuration with
unsecure (port 80 on apache and corresponding 8080 on tomcat) setup but that
did not work either.  Can someone throw a light on what we need to do on tomcat
in order for it to work seamlessly?

Thanks,

Gautam
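
A consistency check for the setup described in the message above, added here as an example and not part of the original post: it compares the scheme of each ProxyPass URL with whether the Tomcat Connector on that port has SSLEnabled set. The sample input is constructed from the directives quoted in the post, trimmed to the relevant attributes, and the function names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample input mirroring the directives and connectors in the post.
APACHE_CONF = """\
ProxyPass /app http://tomcat_server_ip:8443/app
ProxyPassReverse /app http://tomcat_server_ip:8443/app
"""
SERVER_XML = """\
<Service>
  <Connector port="8080" redirectPort="443"/>
  <Connector port="8443" scheme="https" secure="false" SSLEnabled="true"
             proxyPort="443" proxyName="my_company_domain_name"/>
</Service>
"""

def proxy_targets(conf):
    """Yield (path, scheme, port) for each ProxyPass line (not ProxyPassReverse)."""
    for m in re.finditer(r"^\s*ProxyPass\s+(\S+)\s+(\S+)", conf, re.M):
        url = urlsplit(m.group(2))
        port = url.port or (443 if url.scheme == "https" else 80)
        yield m.group(1), url.scheme, port

def connectors(server_xml):
    """Map connector port -> True if the connector itself performs TLS."""
    root = ET.fromstring(server_xml)
    return {int(c.get("port")): c.get("SSLEnabled", "false").lower() == "true"
            for c in root.iter("Connector")}

def check(conf, server_xml):
    """Return findings where the proxy URL and the backend connector disagree."""
    tls_by_port = connectors(server_xml)
    findings = []
    for path, scheme, port in proxy_targets(conf):
        if port not in tls_by_port:
            findings.append(f"ProxyPass {path}: no Connector on port {port}")
        elif (scheme == "https") != tls_by_port[port]:
            want = "TLS" if tls_by_port[port] else "plain HTTP"
            findings.append(f"ProxyPass {path}: {scheme}:// used for port {port}, "
                            f"but that Connector expects {want}")
    return findings

if __name__ == "__main__":
    for line in check(APACHE_CONF, SERVER_XML):
        print(line)
```
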


