I've developed a java application that need a ssl client certificate and in the staging environment with apache 2.2 and mod_jk it is working fine. In production the configuration is not using mod_jk but mod_proxy_ajp. I'm looking for an apache configuration example that configure ssl and mod_proxy_ajp for sending the ssl client certificate to the java application server (which listens with the ajp protocol). Thanks a lot
- You should keep staging and production the same. Otherwise you will get more of these problems.Christian– Christian2010-09-07 07:56:36 +00:00Commented Sep 7, 2010 at 7:56
- I can't get the mod_jk configuration working. Can you help? stackoverflow.com/questions/58240796/…user157726– user1577262019-10-05 07:39:55 +00:00Commented Oct 5, 2019 at 7:39
Add a comment |
3 Answers
Using mod_proxy_ajp, you will need to set the RequestHeader directive to pass through the SSL parameters. Just refer to the Apache docs for examples on setting the directive either in a <Location> or <VirtualHost> section.
Mine is configured like so (although this configuration breaks any additional mod_rewrite rules that I create... and i dont know why):
<Location /> ProxyPass ajp://localhost:8009/ ProxyPassReverse ajp://localhost:8009/ </Location> RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} Redirect permanent / https://mysite.com/myapp?user= answered Apr 28, 2011 at 2:30
I setup an apache web server and I found that mod_ajp forwards the client certificate without explicit configuration. my apache configurations is
SSLEngine on SSLOptions +StdEnvVars +ExportCertData ProxyRequests Off SSLVerifyClient optional_no_ca <Proxy /> Allow from All </Proxy> ProxyPass /sportellosociale ajp://localhost:8009/sportellosociale ProxyPassReverse /sportellosociale ajp://localhost:8009/sportellosociale* I omitted the SSLCertificate directives
