Liz Donaldson wrote: > Hi, > > I have a apache https enabled webserver and tomcat server an and am > using the mod_jk connection module. From all the documentation I have > read, it indicates that apache handles all the SSL negotiations and that > the traffic between apache and tomcat is clear text. How can I enable Well in fact the traffic uses ajp13, a protocol which is not really "clear text". It's a binary format for optimization reasons. Nevertheless it's of course not crypted (if you know the protocol), but it might suffice for "minor" security demands as you cannot simply read it using sniffer tools. > communications between apache and tomcat to be encrpypted. For mod_jk and Tomcat I doubt you can encrypt it. I never heard/read/seen anything in the docu, too. You could maybe try things with an ssl tunnel like stunnel.org, but that's just a guess...
BTW: Why is the communication between Apache and Tomcat an issue at all? Usually/Hopefully you're already in a "secure" environment with your Apache behind a firewall etc. Cheers, Michael > > Thank You in advance, > Liz > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
