Get ready for differing opinions on this, it's been asked loads of times before, try searching the archives for more info. My very quick summary would be that you do not need apache httpd to do SSL, and it can be very fast and stable without apache, as well as simpler to config if you don't already know apache, but there are good reasons to introduce apache.
depending on the exact requirements of your site, there are some useful feature benefits from using apache+tomcat, and when the site gets heavily loaded, apache+tc performs better than tc alone, if you let apache handle the static page requests. A friend of mine advises me that he uses apache+tc for these reasons: - server side includes which is easier for most people to use to do minor dynamic content in otherwise static pages - mod_rewrite can help with redirection between http <-> https if you have pages that can only be accessed through one or other protocol - can config reverse proxy content off another server I do not run apache with my TC because I do not require any of these features; however I am not against using it for the right app. > -----Original Message----- > From: Scott Purcell [mailto:[EMAIL PROTECTED] > Sent: Monday 23 May 2005 14:39 > To: [email protected] > Subject: Tomcat For SSL > > > Hello, > > I have a webapp that is running on Tomcat 5.5. I have always > developed just using Tomcat. Now I want to take a site, and > host it. The site will also run certificates for SSL. Should > I wrap my site around Apache now. Meaning should I install > apache and put tomcat inside? Or however this is done. Or can > tomcat handle SSL certificates (from Verisign?) as it is. I > hear of security issues, etc. > > Any information would be appreciated. > > Thanks, > Scott > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
