mk1336
30th August 2008, 04:48
Hi,
I have installed successfully the Apache2.2+Tomcat5.5+SSL.
The http://domainname/archive/welcome.do works fine.
If i changes the HTTP with HTTPS I get error on browser :
You don't have permission to access /archive/ on this server.Forbiden
I got this error on the Apache error_log:
[notice] Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7a DAV/2
mod_jk/1.2.26 configured -- resuming normal operations
[error] [client ...] (13)Permission denied: access to /archive/
denied, referer: https://domainname/archive/welcome.do
I did not set up the archive web application path in the
httpd-ssl.conf file (to be accessible on port 443).
should I include Tomcat web application path directory on httpd-ssl.conf?
How?
The httpd.conf (short):
<IfModule mod_jk.c>
JkWorkersFile conf/workers.properties
JkLogFile logs/mod_jk.log
JkLogLevel error
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
Alias /materials "/usr/local/jakarta-tomcat/webapps/archive/"
<Directory "/usr/local/jakarta-tomcat/webapps/archive/">
Options Indexes +FollowSymLinks
AllowOverride None
Allow from all
</Directory>
JkMount /archive/* example
</IfModule>
Include conf/extra/httpd-ssl.conf
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
The httpd-ssl.conf file:
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLSessionCache shmcb:/usr/local/apache2.2/logs/ssl_scache(512000)
SSLSessionCacheTimeout 300
SSLMutex file:/usr/local/apache2.2/logs/ssl_mutex
##
## SSL Virtual Host Context
##
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/usr/local/apache2.2/htdocs"
ServerName www.sei.ubc.ca:443
ServerAdmin massoud.kohan@ubc.ca
ErrorLog /usr/local/apache2.2/logs/error_log
TransferLog /usr/local/apache2.2/logs/access_log
SSLEngine on
SSLCertificateFile /usr/local/apache2.2/conf/mydomain.crt
SSLCertificateKeyFile /usr/local/apache2.2/conf/mydomain.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/apache2.2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
CustomLog /usr/local/apache2.2/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Thanks for your help
MK
I have installed successfully the Apache2.2+Tomcat5.5+SSL.
The http://domainname/archive/welcome.do works fine.
If i changes the HTTP with HTTPS I get error on browser :
You don't have permission to access /archive/ on this server.Forbiden
I got this error on the Apache error_log:
[notice] Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7a DAV/2
mod_jk/1.2.26 configured -- resuming normal operations
[error] [client ...] (13)Permission denied: access to /archive/
denied, referer: https://domainname/archive/welcome.do
I did not set up the archive web application path in the
httpd-ssl.conf file (to be accessible on port 443).
should I include Tomcat web application path directory on httpd-ssl.conf?
How?
The httpd.conf (short):
<IfModule mod_jk.c>
JkWorkersFile conf/workers.properties
JkLogFile logs/mod_jk.log
JkLogLevel error
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
Alias /materials "/usr/local/jakarta-tomcat/webapps/archive/"
<Directory "/usr/local/jakarta-tomcat/webapps/archive/">
Options Indexes +FollowSymLinks
AllowOverride None
Allow from all
</Directory>
JkMount /archive/* example
</IfModule>
Include conf/extra/httpd-ssl.conf
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
The httpd-ssl.conf file:
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLSessionCache shmcb:/usr/local/apache2.2/logs/ssl_scache(512000)
SSLSessionCacheTimeout 300
SSLMutex file:/usr/local/apache2.2/logs/ssl_mutex
##
## SSL Virtual Host Context
##
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/usr/local/apache2.2/htdocs"
ServerName www.sei.ubc.ca:443
ServerAdmin massoud.kohan@ubc.ca
ErrorLog /usr/local/apache2.2/logs/error_log
TransferLog /usr/local/apache2.2/logs/access_log
SSLEngine on
SSLCertificateFile /usr/local/apache2.2/conf/mydomain.crt
SSLCertificateKeyFile /usr/local/apache2.2/conf/mydomain.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/apache2.2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
CustomLog /usr/local/apache2.2/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Thanks for your help
MK