File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Tomcat and the fly likes configuring ssl for apache+openssl+tomcat Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "configuring ssl for apache+openssl+tomcat" Watch "configuring ssl for apache+openssl+tomcat" New topic
Author

configuring ssl for apache+openssl+tomcat

John Kim
Greenhorn

Joined: Jun 16, 2003
Posts: 6
i have apache 4 and tomcat 2 installed, which work perfectly fine through mod_jk2. i've been trying to set up a SSL secure server
by using mod_ssl, but after hours of working through it, i still haven't been able to make it work. in order to install mod_ssl, i enabled this
while configuring apache as below:
./configure --enable-ssl --with-ssl=/usr/openssl
before calling make and make install.
i can see that mod_ssl.c has been installed by typing ./bin/httpd -l, which shows a list of modules installed. at this point, i proceeded
to make the certificate key and a corresponding self-signed certificate using openssl. i made sure that the key and the certificate matched by
checking the modulus portion as instructed on mod_ssl.org. i didn't change anything in httpd.conf because it already had the include directive
for ssl.conf in the case of <IfDefine SSL>. I kept ssl.conf as it was when first installed, except changing the path for the certificate key and the
certificate file, as well as the Server Name within the SSL-enabled <VirtualHost>, because apache complained that the server name of the key/certificate
didn't match its 'Server Name'. Below is the portion that i've changed, as well as the error msg that prompted me to change the server name.
ssl.conf:
<VirtualHost 63.251.x.x:443>
# General setup for the virtual host
#DocumentRoot "/usr/local/apache2/htdocs"
DocumentRoot "/usr/local/apache2/temp"
#ServerName new.host.name:443
ServerName 63.251.x.x:443
#ServerAdmin you@your.address
ErrorLog logs/error_log
TransferLog logs/access_log
error msg:
[Wed Sep 10 16:47:55 2003] [warn] RSA server certificate CommonName (CN) `john doe' does NOT match server name!?
(so after this i changed the common name of the crt to [my ip address]:443)

starting apache is fine w/o any errors, but when i tried to access the page by going to https://63.251.x.x, i get 'cannot find server - the page cannot
be displayed' error. i understand that sometimes apache+openssl+mod_ssl has problems with IE, but all the fixes recommended on mod_ssl.org has
already been included in the .conf files that i have. is there something else i'm missing here? any help would be appreciated. thanks in advance.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: configuring ssl for apache+openssl+tomcat
 
Similar Threads
SSL and Apache - Installing Certificates on Apache
sniffers, applet / Apache, mod_ssl, servlet/Tomcat, Oracle
problem with virtual host
Apache HTTP Server is not responding on 100 User Load
https request throws 503 while http works