----- "Bruno Melloni" <Bruno.Melloni@xxxxxxxxxxxxx> wrote: > I successfully setup Apache Web Server, mod_ssl and mod_jk so that > Apache acts as the load balancer for a cluster of Tomcat(based) > servers - using self-signed certificates. This means that I created > Apache's certificates with openssl and Tomcat's with Java's keytool. First off: The recommended way to connect Tomcat and httpd these days is via mod_proxy_ajp/mod_proxy_balancer. Next, for your sanity's sake, I do not recommend the use of keytool. Tomcat understands a number of formats: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html#Prepare%20the%20Certificate%20Keystore > Two of my applications communicate with each other via HTTPS, and the > servers must trust each other. For the Tomcat server to trust the > Apache server all I need to do is import the Apache certificate into > the keystore (and/or cacerts). > > How do I make Apache trust the Tomcat server so that app-to-app HTTPS > calls work? Or do I even need to? Exactly the same way: http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslproxycacertificatefile > Thanks Bye, -- Igor Galić Tel: +43 (0) 699 122 96 338 Fax: +43(0) 1 91 333 41 Mail: i.galic@xxxxxxxxxxxxxx URL: http://brainsware.org/ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|