I played around with the config for a few hours today - didn't get any
results. Having read that about name based hosting before, I switched to IP
based vhosting... - after poping in a few network cards...
What happens now is the same as before...
1)
I switch to HTTPS - and I get the standard warning about self signed
certificates...
2)
I accept it...
3)
Tomcat get's and compiles the request...showing isSecure is false...when
it should be true
4)
And apache feeds me the page via https, and the browser, and the browser
reports secure transmission.
5)
I check Apache's logs... (No errors in SSL via apache side..)
Tomcat's logs were garbled until I cleaned up my virtual host files -
but now they appear to be fine... - no errors.
Somewhere in there, Tomcat is getting the request - because it compiles the
JSP directives, and returns false when calling <%=request.isSecure()%>
However as noted above - this happens when using https! If I do the same
thing on my linux box - it works just fine - (albeit I didn't compile apache
myself on that thing... - but that shouldn't matter - because SSL does
work - just NOT with Tomcat...)
Here is the relevant part of my httpd.conf...
- note - NameVirtualHost * is commented out prior to this... - does
_default_:443 - mean it is still trying to use a default named Vhost, or a
default IP?
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
DocumentRoot c:/web/Tomcat-4-1/webapps/ROOT
ErrorLog logs/ssl-error_log
TransferLog logs/ssl-access_log
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/ssl/myDomain.cert
SSLCertificateKeyFile conf/ssl/myDomain.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
RewriteEngine On
RewriteOptions inherit
</VirtualHost>
</IfModule>
----- Original Message -----
From: "Robert L Sowders" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Wednesday, October 30, 2002 12:51 AM
Subject: Re: Tomcat SSL w/ Apache
> The configuration you describe for virtual hosts is correct except that
> for SSL to work correctly in Apache you have to use IP based virtual
> hosting. Name based virtual hosting will give you errors. See
> http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47
>
> rls
>
>
>
>
>
> "Randy Secrist" <[EMAIL PROTECTED]>
> 10/29/2002 07:58 PM
> Please respond to "Tomcat Users List"
>
>
> To: "Tomcat Users List" <[EMAIL PROTECTED]>
> cc:
> Subject: Tomcat SSL w/ Apache
>
>
> I have an interesting problem that I don't know much about. I am
> integrating Apache with Tomcat using mod_jk - and I have it mostly
> working. The only real problem I have left - is getting SSL - which
> appears to be working with Apache - to work with Tomcat.
>
> I have both HTTP connector's disabled in Tomcat. The only connector I
> have up is Coyote's AJP on 8009. (Via tomcat 4.1.12).
>
> When I switch to https and accept my self generated certificate, the
> browser returns the compiled jsp page, without any non secure warnings...
> - but if I call <%=request.isSecure()%> - it returns FALSE - even though I
> am using HTTPS. I'm not sure why this could be happening.
>
> In Apache - I have 2 virtual hosts mapped to the same domain name - on
> different ports - because I couldn't get it to work right with just one.
>
> mydomain.com:80
> and
> mydomain.com:443 (with all my SSL directives...)
>
> Could anyone offer advise?
>
> Randy
>
>
>
> --
> To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
> For additional commands, e-mail:
<mailto:tomcat-user-help@;jakarta.apache.org>
>
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
