Example to explain APACHE+TOMCAT+SSL configuration

Source: Internet
Author: User

My operating environment: Windows 2003 Server SP4 + j2sdk1.5.0 + Apache 2.0.54 + Tomcat 5.5.9

Software to prepare:
1. Apache 2.0.54
2. Tomcat 5.5.14
3. JK2 Connector (mod_jk2.so)

One: Configure Apache and Tomcat

Apache installed under D:\Apache2, listening on port 80;
Tomcat under D:\TOMCAT51, listening on port 8080;
Both are installed as Windows 2000 services.

Copy mod_jk2.so to the d:\Apache2\modules directory, then:

1. Edit the d:\Apache2\conf\httpd.conf file and add the following line to the LoadModule section:

    LoadModule jk2_module modules/mod_jk2.so

2. Change AddDefaultCharset ISO-8859-1 to AddDefaultCharset GB2312 so that Apache displays Chinese text correctly.

3. Add the following to the virtual host configuration section (adjust it to your actual situation):

    <VirtualHost *:80>
        ServerAdmin linvsfen@163.com
        DocumentRoot "d:/Tomcat51/webapps/jsp-examples"
        ServerName localhost
        ErrorLog logs/error_log
        CustomLog logs/access_log common
    </VirtualHost>

Write a workers2.properties file with the following contents and place it in the d:\Apache2\conf directory:

# usually commented out on production environments
[logger.apache2]
file="D:/apache2/logs/error.log"
level=error
# provide the basic config needed
[config]
file=d:/apache2/conf/workers2.properties
debug=1
# provide the location of the SHM file on the Apache web server
[shm]
file=d:/apache2/conf/jk2.shm
size=1000000

[channel.socket:localhost:8009]
port=8009
host=localhost
# define the worker
[ajp13:localhost:8009]
channel=channel.socket:localhost:8009
# map the Tomcat examples webapp to the web server URI space
[uri:/jsp-examples/*]
[uri:/*.jsp]

Write a JSP file (sessiontest.jsp) and place it under d:\Tomcat51\webapps\jsp-examples.

Restart Apache and Tomcat; http://localhost/jsp-examples/sessiontest.jsp should now be accessible.

Two: Steps to configure SSL on Tomcat

1. Generate the server certificate Server02.jks and the client certificate DWP.P12.

2. Put Server02.jks into the conf directory.

Open the D:\tomcat51\conf\server.xml file, uncomment the SSL connector that ships commented out, and add the location of the certificate store, as follows:
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="true" sslProtocol="TLS"
keystoreFile="conf\server02.jks" keystorePass="123456"
truststoreFile="conf\server02.jks" truststorePass="123456"/>
Note: Server02.jks is the certificate store file. Here it serves as both the keystore and the truststore, and clientAuth="true" makes Tomcat require a client certificate.

3. Install the client certificate DWP.P12.

4. Modify the Tomcat configuration so that it automatically enables SSL.

Open the D:\test\tomcat51\webapps\jsp-examples\WEB-INF\web.xml file and, inside the <security-constraint> element, add the following:
<user-data-constraint>
<description>
Constrain the user data transport for the whole application
</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
Comment out the contents of the <auth-constraint> element:
<auth-constraint>
<!--Anyone with one of the listed roles could access this area-->
<role-name>tomcat</role-name>
<role-name>role1</role-name>
</auth-constraint>
Inside the <web-resource-collection> element, add the following:
<url-pattern>/*</url-pattern>
Restart Apache and Tomcat.

Access http://localhost/jsp-examples/sessiontest.jsp. The system now prompts the user to present a certificate, the SSL encrypted channel is established, and the result is returned. The URL becomes https://localhost:8443/jsp-examples/sessiontest.jsp
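
An added example, not part of the original article: a small Python check that can be run over server.xml to confirm that the HTTPS connector from step 2 really requires client certificates, and to flag the weak points in it. The sample XML is constructed from the connector shown above; the function name and the password deny-list are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the HTTPS connector from this page plus a plain HTTP one.
SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8080" />
  <Connector port="8443" scheme="https" secure="true"
             clientAuth="true" sslProtocol="TLS"
             keystoreFile="conf\\server02.jks" keystorePass="123456"
             truststoreFile="conf\\server02.jks" truststorePass="123456" />
</Service></Server>"""

# Assumed deny-list; "changeit" is Tomcat's default keystore password.
WEAK_PASSWORDS = {"changeit", "123456", "password", ""}

def audit_connectors(server_xml):
    """Return (port, finding) pairs for each HTTPS connector in server.xml."""
    findings = []
    for c in ET.fromstring(server_xml).iter("Connector"):
        if c.get("scheme") != "https":
            continue  # plain HTTP and AJP connectors are out of scope here
        port = c.get("port")
        if c.get("secure") != "true":
            findings.append((port, "secure is not 'true'"))
        if c.get("clientAuth") != "true":
            findings.append((port, "client certificate not required"))
        elif not c.get("truststoreFile"):
            findings.append((port, "clientAuth set without truststoreFile"))
        ks, ts = c.get("keystoreFile"), c.get("truststoreFile")
        if ks and ts and ks.lower() == ts.lower():
            # One file then holds both the private key and the client trust list.
            findings.append((port, "keystore and truststore are the same file"))
        # An absent keystorePass means Tomcat falls back to "changeit".
        passwords = {"keystorePass": c.get("keystorePass", "changeit"),
                     "truststorePass": c.get("truststorePass")}
        for attr, value in sorted(passwords.items()):
            if value is not None and value in WEAK_PASSWORDS:
                findings.append((port, attr + " is weak or default"))
    return findings

if __name__ == "__main__":
    for port, finding in audit_connectors(SERVER_XML):
        print("connector %s: %s" % (port, finding))
```

Run against the connector from this page, it reports the shared keystore/truststore file and the two "123456" passwords.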


