Tomcat with Apache HTTP server is a very common configuration for getting a J2EE application up and running. Though Tomcat is not a complete J2EE server (does not support EJB's) it is a very stable J2EE web server. It can also act as a standalone web server without the need for a proxy server like Apache's HTTP server.

I personally however feel that is a better J2EE server out there in the open source market namely Resin but Tomcat has one major advantage which Resin does not have which is proper support and documentation. This is what makes it more popular than Resin which beats Tomcat on performance grounds.

Enough gyan on servers. Lets get our hands dirty in setting up Tomcat with Apache Http server having SSL for encryption and security.

We will tackle the setup in two stages:-

1. Get the HTTP server working with Tomcat so that it can re-route the jsp and servlet requests to Tomcat.

2. Get SSL working with Apache's HTTP server.

Before we start doing anything make sure you have all the necessary software.

My software setup had the was as follows:-

Windows 2003 Server

Apache HTTP server 2.2.4 with SSL

Apache Tomcat 5.5.23

mod_jk

The reason I chose Apache with SSL so that I need not download and install the ssl module seperately.

mod_jk would be responsible for forwarding the requests from the HTTP server to the J2EE server(Tomcat).

Download three other files which should serve as referneces for your setup :-

workers.properties

httpd.conf

httpd-ssl.conf

The files workers.properties and httpd.conf have the necessary info redirect servlet requests to the J2EE server through HTTP server.

The line LoadModule jk_module modules/mod_jk.so enables the jk module which is a tomcat connector to the apache http server. You would need to download the jk module file which is specific to your Apache HTTP server version from any of the mirrors from the link mentioned above for mod_jk and rename the file to mod_jk.so.

The sample workers.properties file contains just one worker which would handle the servlet requests. The lines

JkWorkersFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/workers.properties" and

JkMount /ARNT|/* worker1

tell the http server what needs to go where. /ARNT|/* tells the URL patterns which need to be redirected to Tomcat. Have a look at the file httpd.conf to know what goes where.

Try accessing any JSP now through the http server that is on port 80 to see if the request goes through.

Now its time to setup SSL.

Before proceeding make sure you have the certificate and the private key for implementing SSL.

Since we have installed a version of apache with SSL we need not install the ssl module seperately however we need to uncomment the line LoadModule ssl_module modules/mod_ssl.so in the http.conf file to tell apache that it needs to lead that module.

Open the file httpd-ssl.conf which you downloaded for reference and go to the line

SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/10.186.133.143.crt".

This line tells Apache where the certificate is stored.

SSLCertificateKeyFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/10.186.133.143.key"

tells apache where the private key is stored.

And you are done. Restart Apache and tomcat after any change to the configuration file so that your changes can take effect.

Hope it works.