I have Tomcat and Apache web server. by MOD_JK I configure Apache to send request for http://127.0.0.1/cas to Tomcat.
http://127.0.0.1/cas works correctly and Tomcat response to it.
now I want this https://127.0.0.1/cas to work, (SSL).
I search it and found that I need Virtualhost on Apache that send requests to Tomcat, my question is how can I create a SSL Virtualhost?
and should I remove all configuration that I create before this for http://127.0.0.1/cas?
Asked
Active
Viewed 1,072 times
1
Mohammad Ali Akbari
- 1,763
- 5
- 20
- 24
1 Answers
1
One vhost entry will reference :80 and the other :443
So for example (stripped down version) This assumes you never want to login with non-ssl.. So redirect to ssl
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
ServerName login.domain.com
Redirect / https://login.domain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName login.domain.com
SSLEngine on
SSLCertificateFile /etc/httpd/conf/login.domain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/login.domain.com.key
SSLCipherSuite ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
ProxyPass / http://1.2.3.4:8080/cas
ProxyPassReverse / http://1.2.3.4:8080/cas
</VirtualHost>
That also assumes tomcat has the ip of 1.2.3.4 and running on port 8080
Mike
- 22,310
- 7
- 56
- 79
-
why you don't use mod_jk? it's not useful for this issue? – Mohammad Ali Akbari Jan 18 '11 at 15:54
-
I don't want mod_jk running on the same web nodes that do php – Mike Jan 18 '11 at 18:58
-
what is wrong? I get this error from Mozilla Firefox "the page isn't redirecting properly", it's because loop in redirection, how can I solve it? – Mohammad Ali Akbari Jan 19 '11 at 11:56