ssl on apache/tomcat

Posted on 2009-05-27
Medium Priority
Last Modified: 2013-12-02
when installing ssl on a tomcat server with apach front end, does the ssl go on tomcat or apache?
Question by:bhomass
  • 4
  • 3

Author Comment

ID: 24486728
why is there no hits on this one? are the points too low? is the question too vague?

even if what I want to do is not possible, it would help to hear that from an expert, so I can move on to the next option.
LVL 33

Accepted Solution

Dave Howe earned 400 total points
ID: 24487715
because you only posted it a couple of hours ago and its evening here, so hadn't looked at it yet? :)

answer is - depends on how you set it up

tomcat can run standalone with its own ssl, it can run with mod_jk and its own SSL, or mod_jk letting apache handle the crypto for it.

for the apache/tomcat/mod_jk combo, there is a good overview here:


Author Comment

ID: 24488787
oh, I posted my addon in the wrong thread. I meant to raise attention to another thread I had on tomcat.

but for this one, could you tell me, if I need to have project context in tomcat. e.g. http://mydomain/myproject/mypage.html, but I want the exposed url to NOT have that context, e.g. http://mydomain/mypage.hml, then I must have mod_jk and not have tomcat standalone. am I correct?
We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

LVL 33

Expert Comment

by:Dave Howe
ID: 24490665
in tomcat, one project will have "root" context, so will appear as http://mydomain/ instead of http://mydomain/project/ - this is defined in the file ROOT.xml file.  Is there a good reason you can't do this?

Author Comment

ID: 24494860
because my code looks for the /myapp context in the url. I don't want to change the code unless the benefits for removing the context is big enough to justify.

Assisted Solution

see4me2002 earned 400 total points
ID: 24504511
you can have the context and use apache's url rewrite module to show to the end user on whatever url you like to expose. on the other hand you should have the certificate in the apache for this to work.

Author Comment

ID: 24542560
before I close this question, can DaveHowe verified that indeed it is possible to do the second option:
it can run with mod_jk and its own SSL,

which differs from what see4me2002 says.
LVL 33

Expert Comment

by:Dave Howe
ID: 24544423
see4me2002 is correct in what he says, but doesn't differ, the context is just different :)

in order that mod_rewrite can rewrite the url for you, Apache *must* handle the ssl, or mod_rewrite can't look inside the transaction for the url to rewrite. if you wish to use other Apache modules to do work on the session, then mod_jk plus ssl and standalone tomcat aren't options - you must go via Apache.

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
In this video I will demonstrate how to set up Nine, which I now consider the best alternative email app to Touchdown.
In the video, one can understand the process of resizing images in single or bulk. Kernel Bulk Image Resizer is an easy to use tool for resizing large number of images. One can add and resize multiple images with this tool in single go. The video sh…
Suggested Courses

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question