I have a question about using HTTPS in a JBoss AS7 web application (a “universal” shopping cart system) exposed via an AJP (Tomcat) connector with an Apache2 web server.
I read some documentation on how to configure SSL-HTTPS in JBoss AS and a lot of tutorials explaining SSL with Apache2, but…
Which way do I have to choose?
Is it enough to configure SSL-HTTPS in Apache2 for my website/application?
Or do I have to configure JBoss for SSL too?
I think configuring SSL on both JBoss and Apache is overkill. I suggest you implement SSL on Apache only. You could add an additional layer of security by adding firewall rules to only allow Apache web servers to access JBoss application servers.
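
A sketch of the setup the answer describes, as an added example that is not part of the original post: Apache terminates TLS and forwards requests to JBoss over AJP, and the JBoss host accepts AJP only from the Apache host. The host name, IP addresses and certificate paths are assumed placeholders; 8009 is the default AJP port in JBoss AS 7.

```apache
# Assumed layout (placeholders): Apache on 10.0.0.10, JBoss AS 7 on 10.0.0.20.
# Requires mod_ssl, mod_proxy and mod_proxy_ajp to be loaded.

# Plain HTTP only redirects to HTTPS, so no cart or login traffic is served in clear text.
<VirtualHost *:80>
    ServerName shop.example.com
    Redirect permanent / https://shop.example.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName shop.example.com

    # TLS is terminated here; JBoss needs no HTTPS connector of its own.
    SSLEngine on
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    SSLCertificateFile    /etc/ssl/certs/shop.example.com.crt
    SSLCertificateKeyFile /etc/ssl/private/shop.example.com.key

    # Forward everything to the JBoss AJP connector. AJP carries the
    # "request was secure" flag, so the application still sees the https scheme.
    ProxyRequests Off
    ProxyPass        / ajp://10.0.0.20:8009/
    ProxyPassReverse / ajp://10.0.0.20:8009/
</VirtualHost>

# AJP itself is neither encrypted nor authenticated, so the Apache-to-JBoss
# hop must stay on a trusted network segment. On the JBoss host, firewall
# rules of this shape (iptables syntax) admit only the Apache server:
#
#   iptables -A INPUT -p tcp --dport 8009 -s 10.0.0.10 -j ACCEPT
#   iptables -A INPUT -p tcp --dport 8009 -j DROP
#
# Also bind or firewall the JBoss HTTP connector (8080 by default) the same
# way, so the application cannot be reached around the TLS front end.
```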