Brian Tol wrote:
> In particular, the bottom half of page 12 refers to "Network encryption
> (VPN) may be used betweeen any merchant system and any back-end
> database" and on page 14: "When transmitting data across networks,
> always use encryption techniques..."
>
> If I'm reading this correctly, it sound like traffic between Apache and
> Tomcat need to be encrypted.
>
> I know that ajpv13 can detect SSL requests, but is there any support for
> encrypting traffic between the two systems? Or am I just reading this
> wrong?
As I understand it, the combination of SSL support and mod_proxy in
Apache v2.0 is capable of connecting to a backend server using an SSL
connection.
So, configure Apache v2.0 with SSL, and use mod_proxy to connect to a
Tomcat instance running the HTTP/1.1 connector with SSL support. This
way you get encrypted connections between Apache and Tomcat.
Or - just let Tomcat handle the request directly using HTTP/1.1
connector + SSL.
Regards,
Graham
--
-----------------------------------------
[EMAIL PROTECTED] "There's a moon
over Bourbon Street
tonight..."
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
