First of all I put my app in tomcat7 as a ROOT so its like localhost:8080/
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
URIEncoding="UTF-8"
/>
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" keystoreFile="/var/lib/tomcat7/conf/allegroTransaction.keystore" keystorePass="spec123ut"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
Second is my apache2 config:
NameVirtualHost test.domian.com:80
Listen 80
<VirtualHost test.domian.com:80>
ServerName test.domian.com
DocumentRoot "/var/www/elo"
ProxyRequests Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://127.0.0.1:8009/
#ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>
And now the problem in error log I see:
[Sun Apr 27 16:24:23 2014] [warn] proxy: No protocol handler was valid
for the URL /. If you are using a DSO version of mod_proxy, make sure
the proxy submodules are included in the configuration using
LoadModule.
But everything look ok any ideas ?
It looks like you are missing the following line in httpd.conf:
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
Related
Let's say my app is www.example.com.
When I put mydomin.com in the browser, it should redirect to https://www.example.com.
I have configured SSL already on my server.
If I put https://www.example.com, it always opens, but it does not redirect if I entered example.com.
Here is my connector:
<Connector port="8080" connectionTimeout="20000" protocol="org.apache.coyote.http11.Http11NioProtocol" redirectPort="443" />
<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="file.jks" keystorePass="pass" />
My server is Tomcat 7 and Linux box.
your http port is 8080 instead of the default 80. A url without the port number will default to port 80 hence http://www.example.com. would go to http://www.example.com:80/.
I am trying to implement SSL for my application using jboss. Below is the implementation in server.xml file.
<Service name="jboss.web"
className="org.jboss.web.tomcat.tc5.StandardService">
<!-- A HTTP/1.1 Connector on port 80
<Connector port="80" address="${jboss.bind.address}"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true"/> -->
<!-- A AJP 1.3 Connector on port 8009 -->
<Connector port="8809" address="${jboss.bind.address}"
enableLookups="false" redirectPort="8443" debug="0"
protocol="AJP/1.3"/>
<!-- SSL/TLS Connector configuration using the admin devl guide keystore-->
<Connector port="8443" address="${jboss.bind.address}"
maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
scheme="https" secure="true" clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore"
keystorePass="rmi+ssl" sslProtocol = "TLS" />
This configuration is working for 'https://localhost:8443' on server but not using my domain eg.'https://test-example.com:8443'.
Please test using this configuration as i have added the SSLEnabled = "true".As it is mandatory
<!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
<Connector protocol="HTTP/1.1" SSLEnabled="true"
port="8443" address="${jboss.bind.address}"
maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
scheme="https" secure="true" clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore"
keystorePass="rmi+ssl" sslProtocol = "TLS" />
If localhost works but not the domain name, then it's probably because the ${jboss.bind.address} is 127.0.0.1. Verify that you're binding the server's IP and not the loopback.
I am working on a Debian X64 server in which I have to perform a setup with Apache server and tomcat. What I am trying to do is to create two copies of Apache tomcat, with the 2nd one in stand-by.
In the event of a failure by the first Tomcat instance/copy, when it goes down automatically/error/manually, then the 2nd instance should be activated.
I am able to tie two instances of Apache tomcat on different ports, that is not the problem. But how to keep another Tomcat on stand-by and use it automatically in-case of failure, that part I am not able to figure out.
This is what I have till now :
<VirtualHost *:80>
ServerName www.domain_tomcat.com
ServerAlias domain_tomcat.com
ProxyRequests on
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorDocument 503 /maintenance.html
ErrorDocument 404 /maintenance.html
ErrorDocument 500 /maintenance.html
ProxyPass /maintenance.html !
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:80>
ServerName www.domain_tomcat.com
ServerAlias domain_tomcat.com
ProxyRequests on
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorDocument 503 /maintenance.html
ErrorDocument 404 /maintenance.html
ErrorDocument 500 /maintenance.html
ProxyPass /maintenance.html !
ProxyPass / http://localhost:8081/
ProxyPassReverse / http://localhost:8081/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
First tomcat's server.xml :
<Connector port="8080" proxyPort="80" redirectPort="443" protocol="org.apache.coyote.http11.Http11NioProtocol" compression="force" compress$
connectionTimeout="20000" maxPostSize="5242880"
URIEncoding="utf-8"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/ javascript,application/x-javascript,application/javascript"/>
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxPostSize="5242880" SSLEnabled="true" maxThreads="200" compr$
compressionMinSize="1024" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"
keystoreFile="keystore.jks" keystorePass="PASSWORD" URIEncoding="utf-8"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/ javascript,application/x-javascript,application/javascript"/>
Second tomcat's server.xml :
<Connector port="8081" proxyPort="80" redirectPort="443" protocol="org.apache.coyote.http11.Http11NioProtocol" compression="force" compress$
connectionTimeout="20000" maxPostSize="5242880"
URIEncoding="utf-8"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/ javascript,application/x-javascript,application/javascript"/>
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxPostSize="5242880" SSLEnabled="true" maxThreads="200" compr$
compressionMinSize="1024" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"
keystoreFile="keystore.jks" keystorePass="PASSWORD" URIEncoding="utf-8"
compressableMimeType="text/html,text/xml,text/plain,text/css,text/ javascript,application/x-javascript,application/javascript"/>
Now, how to bind all these together, and is this approach correct. Kindly let me know. Thank you.
I tried to configure SSL certificate for Tomcat 7(7.0.61) which I installed on Azure Windows VM.
Https does not work and there are no errors in Tomcat logs. I use Digicert certificate which gave me .jks keystore file. VM has its own DNS: myVm.cloudapp.net I registered my own domain NNN.today at one.com and make redirection from NNN.today to myVm.cloudapp.net.
When created certificate I used NNN.today. I configured endpoints for my VM (http for port 80 and SSL for port 443). APR listener is commented out in server.xml.
Here is my server.xml config:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8443"
maxThreads="150" minSpareThreads="25"
enableLookups="false" disableUploadTimeout="true" acceptCount="100"
scheme="https" secure="true" SSLEnabled="true" clientAuth="false"
sslProtocol="TLS" keyAlias="server"
keystoreFile="${catalina.base}/conf/app_farewell_today.jks" keystorePass="my_password" keystoreType="JKS"
truststoreFile="${catalina.base}/conf/app_farewell_today.jks" truststorePass="my_password" truststoreType="JKS"/>
What am I doing wrong? Any help appreciated!
The VM's firewall should be configured to listen to this ports as well and the public endpoint configuration should map to the proper internal ports as well.
We want to redirect all traffic that comes to the http url of our application to https, in order to do that we set the following values in the web.xml in the deploy/jboss-web.deployer/conf directory.
<security-constraint>
<web-resource-collection>
<web-resource-name>securedapp</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
This does successfully redirect the user to the https location HOWEVER they use a different port as to what was configured in the server.xml in the deploy/jboss-web.deployer path
<Connector port="8381" address="${jboss.bind.address}"
maxThreads="350" maxHttpHeaderSize="8192"
emptySessionPath="true" protocol="HTTP/1.1"
enableLookups="false" redirectPort="8543" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" compression="on" />
<!-- Define a SSL HTTP/1.1 Connector on port 8643
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<!---->
<Connector port="8543" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
keystorePass="changeit"
/>
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" address="${jboss.bind.address}" protocol="AJP/1.3"
emptySessionPath="true" enableLookups="false" redirectPort="8543" />
<Engine name="jboss.web" defaultHost="localhost" jvmRoute="data1">
We had the https port set to 8543 which did then work however the https port that did redirect the user to when the user went to the http url was 8744 (when we set 8744 in the server.xml it worked successfully), however we could not find where the 8744 port was taken, does anyone know how to configure which port the first mentioned code placed in the web.xml redirects to
Another query is that when we put this configuration in to production the https port will be "443", we need to know where to set 443 for the "security-constraint" entry to redirect to. Accessing http://www.data.com will have to redirect to https://www.data.com then
Regards,
Milinda
Well, the good news is that in production it will work fine. The security constraint is doing its job, but it is designed to work only between http (80) and https(443).
Pay attention that 8744 - 8381 = 363 = 443 - 80
I am using JBoss-4.2.3.GA and have observed the same behavior, not sure if it is still doing this on Wildfly.