Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Apache: Users

Virtual Host Set UP for Apache 2.2+SSL+Tomcat 5.5 + mod_Jk

  

 
Apache users RSS feed   Index | Next | Previous | View Threaded


kohan.massoud at gmail

Jul 22, 2008, 6:54 PM

Post #1 of 2 (436 views)
Permalink
Virtual Host Set UP for Apache 2.2+SSL+Tomcat 5.5 + mod_Jk
Hi,

I set up the * Apache 2.2+SSL+Tomcat 5.5 + mod_Jk* it works fine with http.
when I use https I get Forbidden errors.

How to configure the Apache2.2 virtual Host to be accessible the whole
application with https and http the same time(the login link needs to be
implemented with HTTPS for external authentication server which belongs to
another organization)

here are the *httpd.conf* and *httpd-ssl.conf* files.


*httpd.conf file(short describtion):*

Listen mydomainIP:80


LoadModule jk_module modules/mod_jk-apache-2.2.4.so



<IfModule mod_jk.c>

JkWorkersFile conf/workers.properties
JkLogFile logs/mod_jk.log
JkLogLevel error
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"

Alias /list "/usr/local/jakarta-tomcat/webapps/list/"

<Directory "/usr/local/jakarta-tomcat/webapps/list/">
Options Indexes +FollowSymLinks
AllowOverride None
Allow from all
</Directory>


Alias /example "/usr/local/jakarta-tomcat/webapps/example/"

<Directory "/usr/local/jakarta-tomcat/webapps/example/">
Options Indexes +FollowSymLinks
AllowOverride None
Allow from all
</Directory>


<Location "/*/WEB-INF/*">
AllowOverride None
deny from all
</Location>
JkMount /list/* example
JkMount /example/* example

</IfModule>


# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>





*httpd-ssl.conf *

* *



Listen 443


AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/usr/local/apache2.2/logs/ssl_scache(512000)
SSLSessionCacheTimeout 300

SSLMutex file:/usr/local/apache2.2/logs/ssl_mutex


<VirtualHost _default_:443>

# General setup for the virtual host
DocumentRoot "/usr/local/apache2.2/htdocs"
ServerName mydomain:443
ServerAdmin mk [at] kk
ErrorLog /usr/local/apache2.2/logs/error_log
TransferLog /usr/local/apache2.2/logs/access_log


SSLEngine on

SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile /usr/local/apache2.2/conf/server.crt
SSLCertificateKeyFile /usr/local/apache2.2/conf/server.key


# Server Private Key:
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/apache2.2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog /usr/local/apache2.2/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

Thanks for your help.

MK



--
Massoud


dodge at cruciate

Jul 24, 2008, 6:49 AM

Post #2 of 2 (369 views)
Permalink
Re: Virtual Host Set UP for Apache 2.2+SSL+Tomcat 5.5 + mod_Jk [In reply to]
On Tue, 22 Jul 2008, kohanm wrote:

> Hi,
>
> I set up the * Apache 2.2+SSL+Tomcat 5.5 + mod_Jk* it works fine with http.
> when I use https I get Forbidden errors.
>
> How to configure the Apache2.2 virtual Host to be accessible the whole
> application with https and http the same time(the login link needs to be
> implemented with HTTPS for external authentication server which belongs to
> another organization)
>
> JkWorkersFile conf/workers.properties
> JkLogFile logs/mod_jk.log
> JkLogLevel error
> JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
> JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
> JkRequestLogFormat "%w %V %T"
>

Jk mounts defined in the server contexts to not automatically propagate
to VHosts. You probably either need the JkMount in the SSK
VHost or use the JkMountCopy directive in the server context.


----------------------------------------
"Mon aéroglisseur est plein d'anguilles"
John P. Dodge
Boeing Shared Services


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd
" from the digest: users-digest-unsubscribe [at] httpd
For additional commands, e-mail: users-help [at] httpd

Apache users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.