8/3/2023 0 Comments Apache tomcat ssl terminationI admit it's a bit short of links to back this claim. The clients connect to Tomcat directly and let it handle the SSL The traffic to Tomcat (SSL is rarely useful in this case), or you make Your SSL connection ends at Apache, and then you should reverse proxy You can't just relay the SSL/TLS traffic to Tomcat from Apache. This sounds similar to this question, where I've answered that it's not possible: Happy to have this moved if necessary but it is kind of programming with config files ) I am very familiar with the webapps and SSL and HTTPS and Tomcat, but my knowledge of the outer reaches of Apache HTTPD is limited. Is this possible with the configuration I've described? HTTPD just passes ciphertext directly to Tomcat so that TC can keep doing what it is already doing with logins, SSL, web.xml confidentialty guarantees, and most importantly client authentication. What I want to accomplish for HTTPS requests is that they are redirected 'blind' to Tomcat without HTTPD being the SSL endpoint, i.e. I am now in the process of inserting Apache HTTPD with mod-proxy and mod-proxy-balancer in front of Tomcat as a load balancer, prior to adding more Tomcat instances. I really don't want to disturb any of that while accomplishing the below. I also have a rather extensive JAAS-based authorization & authentication scheme, and there is all kinds of shared code and different JAAS configurations etc between the various webapps. One of the apps also accepts client-authentication via certificate. the login page protected by SSL as defined by confidentiality elements in their web.xmls. I have several web-apps running in Tomcat, with some pages e.g. I'm sure this is an FAQ but I couldn't find anything I recognized as being the same question.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |