Re: [OpenBD] Tomcat and Subversion using SSL

Mon, 01 Nov 2010 22:07:03 -0700 

Okay, here is what I did. I'm not sure it is the best solution, but so
far it seems to work.

Here is what I did to get SVN and SSL to work. I first of all
disconnected the WANdisco Subversion Apache install from Tomcat.
Assigned http to port 81 and SSL to port 8443 and this separate
install works just fine for SVN.

Now to get SSL to work with Apache and OpenBD/Tomcat I installed a
second Apache server with OpenSSL. I connected it to OpenBD/Tomcat and
works great provided the ServerName specified in the httpd.conf file
is the same as the httpd-ssl.conf file. Also, the ProxyPass and
ProxyPassReverse must be handled in the httpd.conf file.

If you want to set any additional sites, don't use the
httpd-vhost.conf file, just specify any new sites in the
tomcat/.../conf/server.xml

Here are my example files:
================================
tomcat/.../conf/server.xml

<Host name="www.[domain 1]">
        <Context path="" docBase="F:/[site 1]"/>                
</Host>

<Host name="www.[domain 2]">
        <Context path="" docBase="F:/[site 2]"/>
</Host> 

================================
conf/httpd.conf

ServerName www.[domain 1]:80
ServerAdmin webmas...@[domain 1]
DocumentRoot "F:/[site 1]"
ServerName www.[domain 1]

ProxyRequests Off

<Proxy *>
        Order deny,allow
        Allow from all
</Proxy>

ErrorLog "logs/www.[domain 1]-error.log"
CustomLog "logs/www.[domain 1]-access.log" common

ProxyPass / ajp://www.[domain 1]:8009/
ProxyPassReverse / ajp://www.[domain 1]:8009/

================================
conf/extra/httpd-ssl.conf

<VirtualHost _default_:443>

        DocumentRoot "F:/[site 1]"
        ServerName www.[domain 1]:443

        . . . .

</VirtualHost>

================================

BTW: The ajp Rocks!!!

Stan

On Fri, Oct 29, 2010 at 6:56 PM, Alan Holden <[email protected]> wrote:
>  True.
> I hope we get an example of a working config out of this, because I have my
> own OpenBD/SSL project on the horizon.
> Al
>
> On 10/29/2010 4:40 PM, Matthew Woodward wrote:
>>
>> Phew--that was my thinking as well but I'll have to parse Stan's examples
>> more closely to try and figure out what's up. Wish I did more with SSL but
>> since 99% of what I do is behind a firewall, not much call for it. ;-)

-- 
Open BlueDragon Public Mailing List
 http://www.openbluedragon.org/   http://twitter.com/OpenBlueDragon
 official manual: http://www.openbluedragon.org/manual/
 Ready2Run CFML http://www.openbluedragon.org/openbdjam/

 mailing list - http://groups.google.com/group/openbd?hl=en

Reply via email to