Cliff,
This is my current configuration, which seems to work pretty well, now I'm
just working on mounting another webapp to test and be sure.... /examples
works great, jsp and servlet examples can only be accessed from behind
https...
Also, I'm pretty sure Tomcat is on :443, as I can't get it anywhere else,
and I specified this port in the configs. I tried to see if it was on port
8007 after I received your message this morning, but it's not, nor is it on
8080, or 8008. With the configuration below, I can only access it via https
on port 443.
-----------------------------------------------------------
httpd.conf
(virtual host section)
<VirtualHost my.ip.address:443>
ServerAdmin [EMAIL PROTECTED]
DocumentRoot /usr/local/jakarta/jakarta-tomcat/webapps/ROOT (This seems to
successfully place Tomcat behind SSL)
ServerName yadda.yadda.com
ErrorLog yadda/yadda.log
TransferLog yadda/yadda.log
SSLCertificationFile /yadda/yadda/snake-oil-cert
SSLCertificationKeyFile /yadda/yadda/snake-oil-key
ApJServMount /examples ajpv12://localhost:443/examples (seems to work
great!)
ApJServMount /test ajpv12://localhost:443/test (not working yet...but I
don't think it's an SSL issue, just a Tomcat config issue.)
</VirtualHost>
Include /usr/local/jakarta/jakarta-tomcat/conf/tomcat.conf
<IfModule mod_jserv.c>
ApJServLogFile DISABLED
Include /etc/jserv/jserv.conf
</IfModule>
---------------------------------------------------
My suspicion is that I have some Tomcat configuration files incorrect in the
/test webapp, and that I should import another app that I created a few
weeks ago, configure it, and test it inside this VirtualHost configuration.
I realize this is getting a little off-topic for mod_ssl, but I've felt that
it was relevant up until now, so I'll cease posting any more unless I
suspect an ssl related issue. I just wanted to post this here just in case
anyone had any experience with Tomcat and mod_ssl configs...
Thanks for listening.
Tim Willis
IS Technician
Code Rite
[EMAIL PROTECTED]
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Cliff Woolley
Sent: Thursday, June 08, 2000 08:18
To: [EMAIL PROTECTED]
Subject: RE: Mod_SSL+Tomcat
Okay, definite problems here. First, your Include line
Include /usr/local/jakarta/jakarta-tomcat/conf/tomcat.conf
comes outside of the <VirtualHost></VirtualHost> section. That would be
okay, except that tomcat.conf contains lines that you want specific to a
particular vhost. In particular:
ApJServMount default /root
ApJServMount ajpv12://ipaddressofmylinuxbox:443/examples
The ApJServMount command defines a location within the namespace of a
virtual host... you want these lines to be inside your SSL vhost's
<VirtualHost></VirtualHost> section.
Second, ApJServMount default /root is, I'm guessing, incorrect. There
should generally be a leading / on the first argument (like /default in this
case). But do you really even want that line at all? Probably not. The
second ApJServMount line is *definitely* wrong. First of all, you're
missing the first argument (the partial URL to mount onto). Second, your
Tomcat server is definitely *not* running on port 443.
I'm hoping that you just omitted the SSLEngine on directive?
In any case, your problems are not SSL related, they're Tomcat related.
Read up on the documentation at http://jakarta.apache.org/ and
http://java.apache.org/ . If you continue to have problems configuring
Tomcat correctly, check the FAQs and mailing lists which are listed at those
web sites for assistance.
Hope this helps.
--Cliff
Cliff Woolley
Central Systems Software Administrator
Washington and Lee University
http://www.wlu.edu/~jwoolley/
Work: (540) 463-8089
Pager: (540) 462-2303
>>> [EMAIL PROTECTED] 06/07/00 12:45PM >>>
Thanks for the information, however, for some reason, the httpd.conf file
scoffs at the <Location> tag giving me an Invalid Command error and also
suggesting that it is either mis-spelled or defined by a module that isn't
included in the server configuration.
httpd.conf
(virtual host section)
<VirtualHost mydomain:443>
ServerAdmin [EMAIL PROTECTED]
DocumentRoot /usr/local/jakarta/jakarta-tomcat/webapps/ROOT (I recently
changed to the ROOT app to see if I could get to the JSP and Servlet
examples this way, but no dice.. am I going to have to mount /examples in
this document root as well? Incidentally, this seems to successfully place
most of Tomcat behind SSL)
ServerName yadda.yadda.com
ErrorLog yadda/yadda.log
TransferLog yadda/yadda.log
SSLCertificationFile /yadda/yadda/snake-oil-cert
SSLCertificationKeyFile /yadda/yadda/snake-oil-key
</VirtualHost>
Include /usr/local/jakarta/jakarta-tomcat/conf/tomcat.conf
<IfModule mod_jserv.c>
ApJServLogFile DISABLED
Include /etc/jserv/jserv.conf
</IfModule>
Now.. for the Tomcat.conf file....
LoadModule jserv_module libexec/mod_jserv.so
<IfModule mod_jserv.c>
ApJServManual on
ApJservDefaultProtocal ajpv12
ApJServSecretKey DISABLED
ApJservMountCopy on
ApJServLogLevel notice
ApJServMount default /root
AddType text/jsp .jsp
AddHandler jserv-servlet .jsp
ApJServMount ajpv12://ipaddressofmylinuxbox:443/examples
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
