: Here's the scenario. Apache server sits outside our firewall/LAN. It needs to take secure requests from users, forward them onto Tomcat (Which sits behind the firewall) via the JK connector. Is there some configuration option in Tomcat and/or the workers2.properties config file that will handle this? Most of the documentation I've read seems to describe setups where Apache is not calling a remote Tomcat server. Only other option would be to use kernel encryption at the OS level. Thanks in advance.

This depends on your goal: do you want to

1/ make sure the traffic between the webserver / tomcat is encrypted to
 discourage snooping

2/ let Tomcat see some of the SSL-related req info to satisfy security
 constraints in web.xml, e.g. the one to require SSL comms (I forget
 the tag name at the moment)

For #1, I'm not much help.

For #2, this doc:

 http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/jk/workershowto.html

may help. If you scroll to the "Ajp13 Worker properties" header,
mentions that this protocol passes the info to Tomcat.

-QM

--

software -- http://www.brandxdev.net (C++ / Java / SSL)
tech news -- http://www.RoarNetworX.com


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)