Hi, We are concerned about the issues we found some weeks ago, do you have any suggestions about it?
Best Regards, AT -----Mensaje original----- De: Christopher Schultz [mailto:ch...@christopherschultz.net] Enviado el: lunes, 09 de diciembre de 2013 22:51 Para: Tomcat Users List Asunto: Re: Exception in CoyoteAdapter class -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 AT, On 12/9/13, 6:43 AM, at.silk wrote: > 2. What is in front of Tomcat? An Apache HTTPD server? -> Right. > > Is Apache HTTPD accessed via HTTPS? -> Right, via HTTPS > > How mod_jk is configured there? Is mod_jk configured to pass > SSL_SESSION_ID to Tomcat? > > AT: This is our configuration: AllowCONNECT 443 SSLEngine on > SSLProxyEngine on SSLProxyVerify none SSLOptions +StdEnvVars > +ExportCertData SSLProtocol all -SSLv2 SSLCipherSuite > ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW > SSLCertificateFile "xxx.crt" SSLCertificateKeyFile "xxx.key" > ProxyPass / ajp://localhost:8010/ connectiontimeout=3600 > timeout=3600 ProxyPassReverse / ajp://localhost:8010/ Note a note: this is a mod_proxy_ajp configuration, not a mod_jk one. I know that mod_jk uses SSLOptions +StdEnvVars to pass the SSL session id to Tomcat, but I'm sorry, I don't know about mod_proxy_ajp. I can imagine that it would operate in a similar way, but the mod_proxy_ajp documentation isn't as forthcoming as the mod_jk documentation. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSpjtYAAoJEBzwKT+lPKRYbp4P/3xElIVs2K47Y/+ppay3Np/7 TyhYLXIdgUAvapRy6p8KC8okiAxgteNkPPtwxywQqR/LkM0mHeFtN3OFJe1MHl0D qJ3ZoyYEKbe+4bGuUm/SLX7YswSO+0nTsf9OGmi2XVZyCXff0faxZFSZ2N1hW+0y 4+J1eLcG+yHAkaN9JSsSHYx+M9hKoMz4ZXIohnB1zfvD1iroSoBpPPlbdl0BXBaa /b6yNjFfpgqxojiCdP8/eA2/Tdd5+p9aNwUWAYiq3vMME6+oDuYMghQifK1pIbzP ezgF4/IObA8y1Zhavnw2hA3ZjtNcXauzSmF9iTxlDQaEhjVeiAtwAv+yrXyhQB6/ J1pc/1DpVTsA+7j/JEGKhpna8W0G6aJc7iIFoqu5g36bHEoZbNDlnLZDE2kZrSda q1zjIklRhmiA1lEqh8tW4N1ushBgkJpQp2PZx5ZNqsvbrr3djbFHSkXUKgus3VsS czdD7vuhGsHX8ER/c3/KD59TF7IDUcjluJWyQRhoc2P+S0xTtDMTHDLvx4WXwLm1 ZU3+pzR/MAoCI0kesq5NxR4lewyT3n9MW3nD62sO1h9ieqoOuhQ8eRqxSpBTsZZH Sy+GorGhXiZmdr02llagtHrdiexrY84oPzTioIPkQ8/C9TlR7zDaxpPE39HjILkd r8ajstixh1CbE3sC2h1C =hEow -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
