Tomcat – Apache module “mod_jk”. Setup rewrite condition for using https for specific url/context

Tags: apache-2.2, https, mod-jk, mod-rewrite, tomcat

I do have a "simple" question that probably can be answered by you in seconds 😉
I set up an Apache web server (v2.2); this Apache server serves as a balancer with "mod_jk" enabled. 2 different applications are hosted on this server, called "low" and "high". The Tomcat servers that I am using are V6.0x servers.

Here comes the apache httpd.conf (abstract):

# Load mod_jk module
LoadModule    jk_module  modules/mod_jk-1.2.30-httpd-2.2.3.so
# Where to find workers.properties
JkWorkersFile conf/workers.properties
# loadbalancer contains the first application that may be clustered (runs on more tomcat instances/servers)
JkMount  /high/* loadbalancer
# webworker contains the second application that runs in a single tomcat instance
JkMount  /low/* webworker

As you can see there are two defined mappings. The first one "high" goes to the loadbalancer (2 application servers "worker1" and "worker2", see worker.properties below). The second resolves to "low" and goes to the webworker (just another tomcat instance on this server).

Here comes the worker.properties:

# Define worker list
worker.list=worker1,worker2,loadbalancer,webworker

# Set properties for worker1 (ajp13, http=8080, https=8443)
# Note: worker1 runs on the same machine as the serving apache webserver
worker.worker1.type=ajp13
worker.worker1.host=appserver1.example.com
worker.worker1.port=8009
worker.worker1.lbfactor=1

# Set properties for worker2 (ajp13, http=8080, https=8443)
# Note: worker2 runs on a different machine
worker.worker2.type=ajp13
worker.worker2.host=appserver2.example.com
worker.worker2.port=8010
worker.worker2.lbfactor=2

# Set properties for webworker (ajp13, http=9090, https=9443)
# Note: webworker runs on the same machine as the serving apache webserver
worker.webworker.type=ajp13
worker.webworker.host=appserver1.example.com
worker.webworker.port=8010

# Set properties for load balancer
worker.loadbalancer.type=lb
worker.loadbalancer.balance_workers=worker1, worker2

So, here is my question:

How can I set it up so that all requests for the mapping "low" are rewritten to "https"? The second application "low" should be run completely secured.

i.e. calling "http://www.myapplication.com/low" leads the apache server to rewrite this to "https://www.myapplication.com/low".

Is this possible with "mod_rewrite"? Where do I have to place the certificate file? Does the certificate have to be configured in the Tomcat config (server.xml) or in the Apache config (or perhaps in both config files)?

Thx for your help 🙂


Found a solution:

Bruno helped me out, so this is my working configuration (placed the config in an additional file called httpd-vhosts.conf):

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerAdmin webmaster@example.com
        ServerName appserver1.example.com:443
        SSLEngine       on
        SSLCertificateFile     "conf/ssl.crt/server.crt"
        SSLCertificateKeyFile  "conf/ssl.key/server.key"
        JkMount  /low/* webworker
</VirtualHost>
</IfModule>

<VirtualHost *:80>
        ServerAdmin webmaster@example.com
        ServerName appserver1.example.com
        JkMount /high/* loadbalancer
        <IfModule mod_rewrite.c>
            RewriteEngine On
            RewriteCond %{HTTPS} !=on
            RewriteRule ^/low(.*) https://appserver1.example.com/low$1 [R,L]
        </IfModule>
</VirtualHost>

Best Answer

Have you tried something like this (assuming you've loaded mod_rewrite)?

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/low(.*) https://%{SERVER_NAME}/low$1 [R,L]

If you use Apache Httpd as a frontend, that's where SSL needs to be configured (see documentation for the mod_ssl module).

Typically, this will look like this:

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerAdmin webmaster@host.name.example
        ServerName host.name.example

        SSLEngine       on
        SSLCertificateFile      /etc/ssl/certs/host.pem
        SSLCertificateKeyFile   /etc/ssl/private/host.key

        # ...
        # (the config file with your distribution will probably have
        #  a sensible set of options for SSL as well.)

        JkMount  /high/* loadbalancer
        JkMount  /low/* webworker
</VirtualHost>
</IfModule>

<VirtualHost *:80>
        ServerAdmin webmaster@host.name.example
        ServerName host.name.example


        # You can put the rewrite rules here for example.

        JkMount  /high/* loadbalancer
        # Don't put this one if you don't want it over plain HTTP
        # JkMount  /low/* webworker
</VirtualHost>
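
A way to check a vhost file for the two conditions discussed above: no active `JkMount /low/*` in a plain-HTTP vhost, and an enabled redirect of `/low` to https there. This is an added example, not part of the question or the answers; the function names and the sample text are constructed for illustration, and it assumes `SSLEngine on` is what marks the TLS vhost.

```python
import re

# Constructed sample modelled on the working configuration above.
SAMPLE_CONF = """
<VirtualHost *:443>
    SSLEngine on
    JkMount /low/* webworker
</VirtualHost>
<VirtualHost *:80>
    JkMount /high/* loadbalancer
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/low(.*) https://appserver1.example.com/low$1 [R,L]
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)


def active_lines(body):
    """Return directive lines with blanks and '#' comments dropped."""
    stripped = (line.strip() for line in body.splitlines())
    return [line for line in stripped if line and not line.startswith("#")]


def has(lines, pattern):
    """True if any active line starts with the given directive pattern."""
    return any(re.match(pattern, line, re.I) for line in lines)


def audit(conf, prefix="/low"):
    """List findings for non-TLS vhosts that would serve `prefix` in clear text."""
    p = re.escape(prefix)
    findings = []
    for addr, body in VHOST_RE.findall(conf):
        lines = active_lines(body)
        if has(lines, r"SSLEngine\s+on\b"):
            continue  # assumption: 'SSLEngine on' marks the TLS vhost
        if has(lines, rf"JkMount\s+{p}(/|\s)"):
            findings.append(f"{addr}: JkMount serves {prefix} over plain HTTP")
        redirect = has(lines, rf"RewriteRule\s+\^?{p}\S*\s+https://")
        if not (has(lines, r"RewriteEngine\s+on\b") and redirect):
            findings.append(f"{addr}: no active redirect of {prefix} to https")
    return findings


if __name__ == "__main__":
    print(audit(SAMPLE_CONF) or "ok: no plain-HTTP exposure of /low found")
```

The check reads the configuration text only; it does not resolve `Include` files or test the running server.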