> One more point. These servlets must be in a secure environment. They > > use a Thawte certificate for security. I thought Tomcat could be > > configured to use a secure certificate fairly simply, but he says > > otherwise.
Thawte certs can be used with tomcat, just the installation of the cert is a bit problematic --> http://www.comu.de/docs/tomcat_ssl.htm > Yes. Anyway I'd suggest to always use Apache as the frontend (handling > as well the SSL stuff) and then connect tomcat with AJP12/13 to the > apache. Maybe I did something wrong with mod_jk but, since I split Apache from Tomcat again, we got a huge performance increase on the tomcat side. Now Apache handles http and Tomcat handles https. Since "our" webapp needs secure auth anyway, we use tomcat for the whole process. IMHO, noone will run into trouble if he/she uses tomcat without apache. The only problem i can see is, that tomcat 3.3.x is unable to use different sslcerts for different vhosts. Can anyone pls verify this? Or better not ;-)) -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>