How about the security concerns in having HTTP between reverse proxy and Tomcat?
On Sun, May 27, 2012 at 11:47 AM, John Renne <j...@gniffelnieuws.net> wrote: > > > > Now, I am trying to front Tomcat with apache reverse proxy+SSL. > > 1. Is it not redundant to configure the SSL in the Tomcat as well when > the > > fronting reverse proxy is already configured to handle SSL. > > I see lot of posts on the internet which configure SSL at both Tomcat > > and Reverse proxy. Am I missing something? > > Personaly I wouldn't use SSL between de frontend proxy and Tomcat. In case > of an apache server, I would rather let apache handle SSL offloading and > use mod_proxy, mod_proxy_ajp and mod_cluster to address tomcat using the > AJP protocol. > > John > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
