AJP doesn't use SSL, never has, so I'm not sure what the problem
would be
the only way to get SSL between apache and tomcat, is to use mod_proxy
Filip
c. wrote:
> Thanks Filip,
>
> We've always had the need for SSL, and our config worked without any
> changes
> when I put AJP in the mix. It doesn't, however, work with proxy
http.
>
> On 3/23/07, Filip Hanik - Dev Lists <[EMAIL PROTECTED]> wrote:
>>
>> in my last email I forgot one
>>
>> SSLProxyMachineCertificateFile <--
>> SSLProxyEngine
>> SSLProxyMachineCertificatePath
>> SSLEngine
>> SSLProxyProtocol,
>> SSLProxyCipherSuite
>>
>> c. wrote:
>> > Filip, thanks for the info, I'll listen to anyone with good
advice.
>> > So you
>> > recommend mod_proxy_http over mod_jk?
>> >
>> > Is it the same basic setup as mod_proxy_ajp? Looking at the
doc (
>> > http://httpd.apache.org/docs/2.0/mod/mod_proxy_http.html) it
doesn't
>> give
>> > much info.
>> >
>> > c.
>> >
>> > On 3/23/07, Filip Hanik - Dev Lists <[EMAIL PROTECTED]> wrote:
>> >>
>> >> Christopher Schultz wrote:
>> >> > -----BEGIN PGP SIGNED MESSAGE-----
>> >> > Hash: SHA1
>> >> >
>> >> > Filip,
>> >> >
>> >> > Filip Hanik - Dev Lists wrote:
>> >> >
>> >> >> I'd recommend moving to mod_proxy_http, it will be easier for
>> you to
>> >> debug.
>> >> >>
>> >> >
>> >> > Bah! :(
>> >> >
>> >> that sounds knowledgeable :)
>> >> >
>> >> >> the error below seems to be more of a problem with apache
>> >> (mod_proxy_ajp)
>> >> >> then with tomcat, tomcat is simply trying to write a
message, but
>> the
>> >> >> connection is no longer valid.
>> >> >>
>> >> >
>> >> > The problem is that the connection has been closed at some
point.
>> It's
>> >> > usually because the user hit the STOP button on their
browser and
>> >> closed
>> >> > the connection.
>> >> >
>> >> > You can pretty much ignore these errors.
>> >> >
>> >> yes, and instead filling up the logs
>> >> > No need to switch connectors.
>> >> >
>> >> actually, if you are gonna use AJP, use mod_jk, mod_proxy_ajp
is not
>> >> moving in the same pace.
>> >> however, I'd recommend using HTTP, the HTTP connectors on
tomcat are
>> >> finely tuned,
>> >> if there ever is a problem in the communication, you'll just
put in
a
>> >> sniffer and can see it direct.
>> >>
>> >> but hey, don't listen to me :)
>> >> Filip
>> >> > - -chris
>> >> >
>> >> > -----BEGIN PGP SIGNATURE-----
>> >> > Version: GnuPG v1.4.7 (MingW32)
>> >> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>> >> >
>> >> >
iD8DBQFGBA1E9CaO5/Lv0PARAqGMAJ90+P79Kt1Vhhm+a+aeNvdupzhJ4QCcDhzn
>> >> > 58umlhiChNndLXSputpG5rk=
>> >> > =IxYN
>> >> > -----END PGP SIGNATURE-----
>> >> >
>> >> >