在Apache上为mod_jk到JBoss设置SSL作为
我已经将Apache配置为充当负载平衡器,向JBoss发送http请求。然而,添加https被证明是困难的。我相信我需要使用虚拟主机。我有需要的证书和密钥文件,如果有人知道怎么做,请分享 这是我的httpd(相关部件): 这是我的mod-jk.conf:在Apache上为mod_jk到JBoss设置SSL作为,apache,jboss,apache2,jboss5.x,mod-jk,Apache,Jboss,Apache2,Jboss5.x,Mod Jk,我已经将Apache配置为充当负载平衡器,向JBoss发送http请求。然而,添加https被证明是困难的。我相信我需要使用虚拟主机。我有需要的证书和密钥文件,如果有人知道怎么做,请分享 这是我的httpd(相关部件): 这是我的mod-jk.conf: #************************************************************ LoadModule jk_module modules/mod_jk.so LoadModule ssl
#************************************************************
LoadModule jk_module modules/mod_jk.so
LoadModule ssl_module modules/mod_ssl.so
JkWorkersFile conf/workers.properties
JkLogFile logs/mod_jk.log
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
JkOptions +ForwardKeySize +ForwardURICompatUnparsed -ForwardDirectories
JkRequestLogFormat "%w %V %T"
JkMount /__application__/* loadbalancer
JkUnMount /__application__/images/* loadbalancer
JkMountFile conf/uriworkermap.properties
JkShmFile run/jk.shm
<Location /jkstatus>
JkMount status
Order deny,allow
Deny from all
Allow from 127.0.0.1
Allow from 192.168.140.128
</Location>
#************************************************************
以下是my server.xml(在JBoss中):
您必须将https配置添加到apache:
<IfModule ssl_module>
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
#CA certificates for root and intermediate
SSLCACertificateFile "C:/production/certs/provider/providerRoot.crt"
SSLCertificateChainFile "C:/production/certs/provider/providerIntermediate.crt"
#Generated first via openssl; Server public and private keys.
SSLCertificateFile "C:/production/certs/provider/your.crt"
SSLCertificateKeyFile "C:/production/certs/provider/your.key"
</IfModule>
您必须将https配置添加到apache:
<IfModule ssl_module>
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
#CA certificates for root and intermediate
SSLCACertificateFile "C:/production/certs/provider/providerRoot.crt"
SSLCertificateChainFile "C:/production/certs/provider/providerIntermediate.crt"
#Generated first via openssl; Server public and private keys.
SSLCertificateFile "C:/production/certs/provider/your.crt"
SSLCertificateKeyFile "C:/production/certs/provider/your.key"
</IfModule>
<Server>
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JasperListener" />
<Service name="jboss.web">
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}"
connectionTimeout="20000" redirectPort="8443" URIEncoding="UTF-8"/>
<Connector port="8009" address="${jboss.bind.address}"
emptySessionPath="true" enableLookups="false" redirectPort="8443"
protocol="AJP/1.3" connectionTimeout="600000" maxThreads="200"/>
<Engine name="jboss.web" defaultHost="v-77-if-vm.us.nohsib.com" jvmRoute="node1">
<Realm className="org.jboss.web.tomcat.security.JBossWebRealm"
certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
allRolesMode="authOnly"
/>
<Host name="v-77-if-vm.us.nohsib.com">
<Valve className="org.jboss.web.tomcat.service.jca.CachedConnectionValve"
cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager"
transactionManagerObjectName="jboss:service=TransactionManager" />
</Host>
</Engine>
</Service>
</Server>
<IfModule ssl_module>
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
#CA certificates for root and intermediate
SSLCACertificateFile "C:/production/certs/provider/providerRoot.crt"
SSLCertificateChainFile "C:/production/certs/provider/providerIntermediate.crt"
#Generated first via openssl; Server public and private keys.
SSLCertificateFile "C:/production/certs/provider/your.crt"
SSLCertificateKeyFile "C:/production/certs/provider/your.key"
</IfModule>
<VirtualHost *:443>
SSLEngine On
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]