Wednesday, October 09, 2013

Configuring Apache HTTP and Tomcat for Client Certificate Authentication

Very quickly:

Ensure Apache's SSL virtual host configuration contains the following directives:

 SSLVerifyClient require
 SSLOptions +ExportCertData +StdEnvVars

You must use the AJP protocol for the proxy to forward the client certificate to the Tomcat server. Place the proxy directives in the SSL virtual host configuration:

  ProxyPass / ajp://localhost:8009/
  ProxyPassReverse / ajp://localhost:8009/

Enable the AJP protocol in the Tomcat server's server.xml file:

  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
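
To confirm on the Tomcat side that the certificate actually arrives over AJP, and to fail closed when it does not, a servlet filter can read it from the standard request attribute. This is an added example, not code from the original post; the class name `ClientCertFilter` and the `clientCertSubject` attribute are hypothetical. It assumes the `javax.servlet` API (Tomcat 9 and earlier) and that the AJP port is reachable only from the Apache host.

```java
// Added example: reject any request that reaches the application without a
// client certificate forwarded by Apache over AJP.
// Chain validation is done by Apache (SSLVerifyClient require); this filter
// only checks that a certificate is present and inside its validity period.
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;

public class ClientCertFilter implements Filter {

    // Standard Servlet-spec attribute; Tomcat populates it from the
    // certificate forwarded over AJP.
    private static final String CERT_ATTR = "javax.servlet.request.X509Certificate";

    @Override
    public void init(FilterConfig config) { }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) res;
        X509Certificate[] certs = (X509Certificate[]) req.getAttribute(CERT_ATTR);

        // No certificate: the request did not pass through the SSL virtual host,
        // or the certificate was not forwarded.
        if (certs == null || certs.length == 0) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "Client certificate required");
            return;
        }

        X509Certificate leaf = certs[0];
        try {
            leaf.checkValidity(); // throws if expired or not yet valid
        } catch (CertificateException e) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "Client certificate not valid");
            return;
        }

        // Hypothetical attribute name: expose the subject DN to downstream code.
        req.setAttribute("clientCertSubject", leaf.getSubjectX500Principal().getName());
        chain.doFilter(req, res);
    }

    @Override
    public void destroy() { }
}
```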

More info at: How to configure mod_proxy_ajp with Tomcat?