ssl on apache/tomcat

when installing ssl on a tomcat server with apach front end, does the ssl go on tomcat or apache?
bhomassAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bhomassAuthor Commented:
why is there no hits on this one? are the points too low? is the question too vague?

even if what I want to do is not possible, it would help to hear that from an expert, so I can move on to the next option.
0
Dave HoweSoftware and Hardware EngineerCommented:
because you only posted it a couple of hours ago and its evening here, so hadn't looked at it yet? :)

answer is - depends on how you set it up

tomcat can run standalone with its own ssl, it can run with mod_jk and its own SSL, or mod_jk letting apache handle the crypto for it.

for the apache/tomcat/mod_jk combo, there is a good overview here:

http://tomcat.apache.org/connectors-doc/webserver_howto/apache.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bhomassAuthor Commented:
oh, I posted my addon in the wrong thread. I meant to raise attention to another thread I had on tomcat.

but for this one, could you tell me, if I need to have project context in tomcat. e.g. http://mydomain/myproject/mypage.html, but I want the exposed url to NOT have that context, e.g. http://mydomain/mypage.hml, then I must have mod_jk and not have tomcat standalone. am I correct?
0
Challenges in Government Cyber Security

Has cyber security been a challenge in your government organization? Are you looking to improve your government's network security? Learn more about how to improve your government organization's security by viewing our on-demand webinar!

Dave HoweSoftware and Hardware EngineerCommented:
in tomcat, one project will have "root" context, so will appear as http://mydomain/ instead of http://mydomain/project/ - this is defined in the file ROOT.xml file.  Is there a good reason you can't do this?
0
bhomassAuthor Commented:
because my code looks for the /myapp context in the url. I don't want to change the code unless the benefits for removing the context is big enough to justify.
0
see4me2002Commented:
you can have the context and use apache's url rewrite module to show to the end user on whatever url you like to expose. on the other hand you should have the certificate in the apache for this to work.
0
bhomassAuthor Commented:
before I close this question, can DaveHowe verified that indeed it is possible to do the second option:
it can run with mod_jk and its own SSL,

which differs from what see4me2002 says.
0
Dave HoweSoftware and Hardware EngineerCommented:
see4me2002 is correct in what he says, but doesn't differ, the context is just different :)

in order that mod_rewrite can rewrite the url for you, Apache *must* handle the ssl, or mod_rewrite can't look inside the transaction for the url to rewrite. if you wish to use other Apache modules to do work on the session, then mod_jk plus ssl and standalone tomcat aren't options - you must go via Apache.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java App Servers

From novice to tech pro — start learning today.