You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Richard S. Huntrods" <hu...@nucleus.com> on 2001/12/21 04:24:18 UTC
HTTP and HTTPS on two servers...
Greetings!
Well, the more you learn, the more you know how little you know! <G>
Current status: I have two servers, one with Apache only and one with
Tomcat only. This is for historic reasons of server load, but serves me
very well.
The Apache server listens only to port 80. All works well. For
example, "http://xx.xx.xx.xx/" calls up the appropriate index.html page.
The Tomcat server now only listens to port 443 - and responds with SSL
enabled servlets. This also works well. For example:
"https://yy.yy.yy.yy/" calls up a secure index.html file, which starts
the servlets rolling.
NOW, heres the problem. A router directs port 80 to the Apache server
and port 443 to the Tomcat server. There is a domain name pointing to
the address of the router. If you type "http://domain.com/", the Apache
server properly serves the web page. HOWEVER - if you type
"https://domain.com/", you get the infamous "page cannot be displayed"
message.
How does one direct "https" inquiries to port 443? I thought this would
work. Who or what interprets "https" as a request on port 443? Must I
configure the port 80 Apache machine to "hear" requests on port 443 and
then relay them to the Tomcat box - and if so, how? (which Apache
config file)
Thanks very much in advance,
-Richard
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: HTTP and HTTPS on two servers...
Posted by Hitesh Sharma <sh...@yahoo.com>.
there is no need to do anything for this cause your browser knows that it
has to send https queries on port 443.
the reason that you are getting "page can not be displayed" error might be
that tomcat is not starting listening on port 443.
just check by issuing a command "telnet domain.com 443" if a connection is
established or not.
hitesh
----- Original Message -----
From: "Richard S. Huntrods" <hu...@nucleus.com>
To: <to...@jakarta.apache.org>
Sent: Friday, December 21, 2001 8:54 AM
Subject: HTTP and HTTPS on two servers...
> Greetings!
>
> Well, the more you learn, the more you know how little you know! <G>
>
> Current status: I have two servers, one with Apache only and one with
> Tomcat only. This is for historic reasons of server load, but serves me
> very well.
>
> The Apache server listens only to port 80. All works well. For
> example, "http://xx.xx.xx.xx/" calls up the appropriate index.html page.
>
> The Tomcat server now only listens to port 443 - and responds with SSL
> enabled servlets. This also works well. For example:
> "https://yy.yy.yy.yy/" calls up a secure index.html file, which starts
> the servlets rolling.
>
> NOW, heres the problem. A router directs port 80 to the Apache server
> and port 443 to the Tomcat server. There is a domain name pointing to
> the address of the router. If you type "http://domain.com/", the Apache
> server properly serves the web page. HOWEVER - if you type
> "https://domain.com/", you get the infamous "page cannot be displayed"
> message.
>
> How does one direct "https" inquiries to port 443? I thought this would
> work. Who or what interprets "https" as a request on port 443? Must I
> configure the port 80 Apache machine to "hear" requests on port 443 and
> then relay them to the Tomcat box - and if so, how? (which Apache
> config file)
>
> Thanks very much in advance,
>
> -Richard
>
>
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: HTTP and HTTPS on two servers...
Posted by "Richard S. Huntrods" <hu...@nucleus.com>.
Greetings! - Me again!
Problem solved. I *was* correct - https has been standardized as port 443 -
so Netscape, Opera, IE - all must support it.
My particular problem was the "defaultrouter" file in Solaris. My firewall
that forwarded port 443 to the Tomcat server was on one local address, but
the Tomcat machine was using another as the defaultrouter. I edited
defaultrouter to point to the router that was doing the forwarding,
rebooted, and everything works!
Cheers,
-Richard
"Richard S. Huntrods" wrote:
> Greetings!
>
> Well, the more you learn, the more you know how little you know! <G>
>
> Current status: I have two servers, one with Apache only and one with
> Tomcat only. This is for historic reasons of server load, but serves me
> very well.
>
> The Apache server listens only to port 80. All works well. For
> example, "http://xx.xx.xx.xx/" calls up the appropriate index.html page.
>
> The Tomcat server now only listens to port 443 - and responds with SSL
> enabled servlets. This also works well. For example:
> "https://yy.yy.yy.yy/" calls up a secure index.html file, which starts
> the servlets rolling.
>
> NOW, heres the problem. A router directs port 80 to the Apache server
> and port 443 to the Tomcat server. There is a domain name pointing to
> the address of the router. If you type "http://domain.com/", the Apache
> server properly serves the web page. HOWEVER - if you type
> "https://domain.com/", you get the infamous "page cannot be displayed"
> message.
>
> How does one direct "https" inquiries to port 443? I thought this would
> work. Who or what interprets "https" as a request on port 443? Must I
> configure the port 80 Apache machine to "hear" requests on port 443 and
> then relay them to the Tomcat box - and if so, how? (which Apache
> config file)
>
> Thanks very much in advance,
>
> -Richard
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: HTTP and HTTPS on two servers...
Posted by Denny Chambers <dc...@snapserver.com>.
The browser determine which port it will attempt to connect on by the
protocol portion of the URL.
If you type in something like:
www.mydomain.com
the browser will default to port 80 and will procede in making a
connection to the remote server on the port. Because you did not specify
a protocol, it assumes you mean http
If you type something like this:
http://www.mydomain.com
the browser knows you mean the http protocol and proceeds to make the
connection. You can override the default behavior of course with a
request like this:
http://www.mydomain.com:81
this will obviously direct you to port 81 on the remote server. This
same set of rules apply to other protocols as well:
https:// -> 443
ftp:// -> 21
Unless you specify an alternate port number the browser will choose the
defaults for the specified protocol.
This problem sounds more like it is in the "router". Is this a router or
is it some kind of firewall doing port forwarding. My first suggestion
would be to start looking at your logs on all three machine (router,
http server, https server) and try to figure out where these https
packets are going. A sniffer may help here as well.
If you need to do a redirect from the http server to the https server,
you can do something like this:
<html>
<head>
<meta HTTP-EQUIV="REFRESH" CONTENT="0; URL=https://www.securecat.com">
<title>Redirecting to Secure Server...</title>
</head>
<body>
</body>
</html>
You can also look at some of the redirect techniques for apache at there
web page.
HTH
Denny
"Richard S. Huntrods" wrote:
>
> Greetings!
>
> Well, the more you learn, the more you know how little you know! <G>
>
> Current status: I have two servers, one with Apache only and one with
> Tomcat only. This is for historic reasons of server load, but serves me
> very well.
>
> The Apache server listens only to port 80. All works well. For
> example, "http://xx.xx.xx.xx/" calls up the appropriate index.html page.
>
> The Tomcat server now only listens to port 443 - and responds with SSL
> enabled servlets. This also works well. For example:
> "https://yy.yy.yy.yy/" calls up a secure index.html file, which starts
> the servlets rolling.
>
> NOW, heres the problem. A router directs port 80 to the Apache server
> and port 443 to the Tomcat server. There is a domain name pointing to
> the address of the router. If you type "http://domain.com/", the Apache
> server properly serves the web page. HOWEVER - if you type
> "https://domain.com/", you get the infamous "page cannot be displayed"
> message.
>
> How does one direct "https" inquiries to port 443? I thought this would
> work. Who or what interprets "https" as a request on port 443? Must I
> configure the port 80 Apache machine to "hear" requests on port 443 and
> then relay them to the Tomcat box - and if so, how? (which Apache
> config file)
>
> Thanks very much in advance,
>
> -Richard
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: HTTP and HTTPS on two servers...
Posted by Jan Labanowski <jk...@osc.edu>.
Check up some old write-ups on:
http://www.ccl.net/cca/software/UNIX/apache/index.shtml
But I am afraid you are out of luck. If you create a virtual host
for port 443 in Apache's httpd.conf and put the connector statements there
(check the URLS above), Apache will be doing SSL and Apache
will be processing the certificates. Since tomcat will only talk via
connector to Apache, it will not process the certificates, and Tomcat can
only can check the header of the request to see if it was HTTPS (and that
it was negotiated by Apache). If you are doing basic authentication than
tomcat will also be able to find the user id.
If you find a solution for doing a right thing with:
HTTPS-->Apache-->connector-->Tomcat
tell us... Good luck.
Jan
On Thu, 20 Dec 2001, Richard S. Huntrods wrote:
> Greetings!
>
> Well, the more you learn, the more you know how little you know! <G>
>
> Current status: I have two servers, one with Apache only and one with
> Tomcat only. This is for historic reasons of server load, but serves me
> very well.
>
> The Apache server listens only to port 80. All works well. For
> example, "http://xx.xx.xx.xx/" calls up the appropriate index.html page.
>
> The Tomcat server now only listens to port 443 - and responds with SSL
> enabled servlets. This also works well. For example:
> "https://yy.yy.yy.yy/" calls up a secure index.html file, which starts
> the servlets rolling.
>
> NOW, heres the problem. A router directs port 80 to the Apache server
> and port 443 to the Tomcat server. There is a domain name pointing to
> the address of the router. If you type "http://domain.com/", the Apache
> server properly serves the web page. HOWEVER - if you type
> "https://domain.com/", you get the infamous "page cannot be displayed"
> message.
>
> How does one direct "https" inquiries to port 443? I thought this would
> work. Who or what interprets "https" as a request on port 443? Must I
> configure the port 80 Apache machine to "hear" requests on port 443 and
> then relay them to the Tomcat box - and if so, how? (which Apache
> config file)
>
> Thanks very much in advance,
>
> -Richard
>
>
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
>
Jan K. Labanowski | phone: 614-292-9279, FAX: 614-292-7168
Ohio Supercomputer Center | Internet: jkl@osc.edu
1224 Kinnear Rd, | http://www.ccl.net/chemistry.html
Columbus, OH 43212-1163 | http://www.osc.edu/
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>