Thanks for quick reply!! Yes my tomcat server is behind the firewall,
but corporate security guidelines also is demanding that the
communications between apache and tomcat be ssl encrypted. I am going to
check out stunnel.org.
Thanks!
Michael Echerer wrote:
Liz Donaldson wrote:
Hi,
I have a apache https enabled webserver and tomcat server an and am
using the mod_jk connection module. From all the documentation I have
read, it indicates that apache handles all the SSL negotiations and that
the traffic between apache and tomcat is clear text. How can I enable
Well in fact the traffic uses ajp13, a protocol which is not really
"clear text". It's a binary format for optimization reasons.
Nevertheless it's of course not crypted (if you know the protocol), but
it might suffice for "minor" security demands as you cannot simply read
it using sniffer tools.
communications between apache and tomcat to be encrpypted.
For mod_jk and Tomcat I doubt you can encrypt it. I never
heard/read/seen anything in the docu, too.
You could maybe try things with an ssl tunnel like stunnel.org, but
that's just a guess...
BTW: Why is the communication between Apache and Tomcat an issue at all?
Usually/Hopefully you're already in a "secure" environment with your
Apache behind a firewall etc.
Cheers,
Michael
Thank You in advance,
Liz
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
