On Tue, 13 Aug 2002, Pooleery, Manoj wrote: > i have it working on different machines. Tomcat on one machine and > apache on another. SSL will work irrespective of the machines, as > long as both of the machines can see each other.(i mean on the same > network).
Are you sure you are understanding the question? That is, it doesn't have to do with Apache handling SSL on the front end (or even Tomcat, if/when it's running standalone), but rather the communication between Apache and Tomcat using SSL in the middle. So we're not talking about secure HTTP (HTTPS) communication, but rather secure "whatever protocol is being used to communicate between Apache and Tomcat" (e.g. AJP, WARP). Frankly, I have seen this question come up before -- it is a very reasonable one, what is the point of having security on the front end, if there is no security in the middle or the back end, after all -- but I don't think I've ever seen an answer saying it can be done. > -----Original Message----- > From: Wills, Mike N. (TC) [mailto:[EMAIL PROTECTED]] > Sent: Monday, August 12, 2002 4:38 PM > To: 'Tomcat Users List' > Subject: RE: SSL Connection Tomcat and Apache > > > What about the transmittions between Apache and Tomcat? I realize if they > are on the same machine it isn't a problem, but what about if it is on a > different machine? > > This is all for the intranet. > > -----Original Message----- > From: Pooleery, Manoj [mailto:[EMAIL PROTECTED]] > Sent: Monday, August 12, 2002 3:33 PM > To: 'Tomcat Users List' > Subject: RE: SSL Connection Tomcat and Apache > > > In the httpd.conf file of apache, you can implement the virtual host > directive for SSL. The port used is 443. You have to have an entry like > this - > > ## > ## SSL Virtual Host Context > ## > > <VirtualHost <server_name>:443> > > # General setup for the virtual host > DocumentRoot "C:/Apache/htdocs" > ServerName <server_name> > ServerAdmin webmaster@localhost > ErrorLog logs/ssl/error.log > TransferLog logs/ssl/access.log > > SSLCertificateFile "<certificate_location>/<certificate_name>" > SSLCertificateKeyFile "<certificate_key_location>/<certificate_key>" > </VirtualHost> > > you have to generate a CSR file(instructions for creating a CSR can be found > at http://www.verisign.com/support/csr/apache/v01.html). Once you create a > CSR, you can send it to any of the certificate issuing authorities(verisign, > thawte etc) and once you get a certificate, you make the above changes in > the httpd.conf. > > Thanks > Manoj. > > -----Original Message----- > From: Wills, Mike N. (TC) [mailto:[EMAIL PROTECTED]] > Sent: Monday, August 12, 2002 4:21 PM > To: '[EMAIL PROTECTED]' > Subject: SSL Connection Tomcat and Apache > > > I have Apache and Tomcat working together, but now I am curious on security. > How I do implement SSL on that connection? > > Mike Wills > IT Corporate Support > Taylor Corporation > [EMAIL PROTECTED] > Phone: (507) 386-3187 > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > Milt Epstein Research Programmer Systems and Technology Services (STS) Campus Information Technologies and Educational Services (CITES) University of Illinois at Urbana-Champaign (UIUC) [EMAIL PROTECTED] -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
