3 Replies Latest reply on Jan 8, 2005 3:37 PM by jgra

    Apache and JBoss under SSL

    xinwan

      Hi there,

      I have set up an Apache 2.0.44 server which redirect all JSP requests to another JBoss/Jetty server using mod_proxy and ProxyPass. The Apache server does not do anything except routing all request through. It works perfectly.

      Now I want to use a similar set up under SSL. Because Apache does not have a module to support https like mod_proxy_http, I assume I cannot do something like
      ProxyPass / https://myserver:443/

      Anyone has done this please help.

      Thanks,

      Xin

        • 1. Deploying Nules other app servers.
          dhartford

          I'm interested in open source Java CMS, but my customers run on a variety of application servers, not just JBoss.

          I read that Nukes is a J2EE app so I assume automatically that it will run on other app servers, but I also read that it requires JMX and that this makes it difficult to install on other app servers. What is the deal?

          For example, Weblogic supports J2EE and JMX, so what will it take to deploy Nukes to Weblogic?

          • 2. Re: Apache and JBoss under SSL

            Find the jetty-support list in the FAQ on this forum, search the archive and then try the question on that list.

            If you get a good answer, let me know and I will include it in the FAQ.

            Jules

            • 3. Re: Apache and JBoss under SSL

              Currently ssl proxing isn't avaiable for apache, if ever will be, because this protocol was designed to eliminate such posibilites (man in the middle attack, etc)
              You can setup SSL on Apache (version 2.0.X have build in mod_ssl so you can get support for ssl out of the box) then use AJP1.3 connector (mod_jk apache module which could be found on tomcat project page http://jakarta.apache.org/tomcat/connectors-doc/) to forward request to Jetty/Jboss.
              Detalied info you could find here: http://jetty.mortbay.org/jetty/faq?s=700-Clustering&t=modjk

              But remeber AJP1.3 protocol doesn't provide such ssl futures like encryption and authentication so apache server and Jetty should be installed on same machine and use loopback interfejs for communication for maximum security.

              Regards
              Janusz