Truckman wrote:
As per list member "Pid", I am starting a new thread rather than
lobotomizing an existing one. Pid, you're right, my apologies, I was being
lazy.
Using apache virtual hosting, I am trying to forward port 443 to tomcat, yet
have port 80 serve "normal" local content in the traditional fashion. The
reason for this is by business policy the application running on tomcat must
be accessed via https using ssl, and the user instruction manual for that
application resides on port 80, and is just a bunch of html files.
Meaning:
(443) https://www.example.org -> proxypass / ajp --> tomcat6
(80) http://www.example.org -> serves html files from /mnt/html/example
To achieve this, we created the following definitions within
/etc/httpd/conf.d/virtuals.conf:
NameVirtualHost *:443
<VirtualHost *:443>
ServerName www.example.com:443
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /mnt/html/example/example.com.crt
SSLCertificateKeyFile /mnt/html/example/www.example.com.key
ProxyPass / ajp://localhost:8009/
</VirtualHost>
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.example.com:80
# ProxyPass / ajp://localhost:8009/
DocumentRoot /mnt/html/example
</VirtualHost>
Unfortunately, the above doesn't work. It appears we have to change the
port 80 definition to the below to allow port 443 to proxy through ajp:
<VirtualHost *:80>
ServerName www.example.com:80
ProxyPass / ajp://localhost:8009/
# DocumentRoot /mnt/html/example
</VirtualHost>
Does proxypass ajp REQUIRE that both ports be forwarded? Or can we have
port 443 proxy up to tomcat, and port 80 serve ordinary, boring, html files?
What if you simply do /not/ specify the port number in your "ServerName"
directives above ?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
