Category: servers

Enabling mod_jk in apache 2,tomcat and glassfish

Configuring Apache 2 and Tomcat flow the below links,

http://thetechnocratnotebook.blogspot.in/2012/05/installing-tomcat-7-and-apache2-with.html

Configuring the GlassFish execute the below commands and deploy a war file.

asadmin> create-network-listener --protocol http-listener-1 --listenerport 8009 --jkenabled true jk-connector
asadmin> set configs.config.server-config.network-config.network-listeners.network-listener.jk-connector.jk-enabled=true

 

Ref Link for Glass fish
https://docs.oracle.com/cd/E26576_01/doc.312/e24928/webapps.htm#GSADG00371
https://technology.amis.nl/2009/08/14/making-glassfish-v3-available-using-apache2-and-mod_jk/

Steps to enable SSL in Apache tomcat 8

Step 1 : Need to generate a self-signed certificate using key tool. Go to terminal and type the below command


keytool -keystore clientkeystore -genkey -alias client -keyalg RSA 

It will ask for password and the organization details(optional). Enter the relevant details and finally it will generate the key file called “clientkeystore”. Step 2: Go to Apache tomcat location and conf folder.Then edit server.xml file and un commented the below line Find the following declaration:

<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
 maxThreads="150" scheme="https" secure="true"
 clientAuth="false" sslProtocol="TLS" />
-->

Uncomment it and modify it to look like the following:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
 maxThreads="150" scheme="https" secure="true"
 clientAuth="false" sslProtocol="TLS"
 keystoreFile="/etc/tomcat6/keystore"
 keystorePass="changeit" />

keystoreFile location of your clientkeystore generated in setep 1. changeit is the password give in step 1 during key generation. Step 3: Go to web.xml in conf folder and add the below configuration,


<security-constraint>
 <web-resource-collection>
 <web-resource-name>Security</web-resource-name>
 <url-pattern>/*</url-pattern>
 </web-resource-collection>
 <user-data-constraint>
 <transport-guarantee>CONFIDENTIAL</transport-guarantee>
 </user-data-constraint>
 </security-constraint>

The url pattern is set to /* so any page/resource from your application is secure (it can be only accessed with https). Thetransport-guarantee tag is set to CONFIDENTIAL to make sure your app will work on SSL. If you want to turn off the SSL, you don’t need to delete the code above from web.xml, simply change CONFIDENTIAL to NONE.