Question
Apache Http SSL Reverse Proxy AJP Tomcat
- Posted on July 6, 2020
- ApacheLet's Encrypt
Asked by matt9189
I have setup Apache, Tomcat, and LetsEncrypt following the tutorials available and my website homepage is running. I am trying to setup a reverse proxy to webapps on Tomcat, though every tutorial I have followed results in failure. I don’t know how to figure out what is happening behind the scenes, i.e., why the request is not going through, so I cannot figure out how to fix the issue.
Tomcat server.xml Connector <Connector protocol=“AJP/1.3” address=“0.0.0.0” secretRequired=“false” port=“8009” redirectPort=“8443” proxyName=“www.example.com” proxyPort=“80” />
I have a <virtualhost *:80> in apache config. ProxyPass /example ajp://localhost:8009/example
I tried setting up a <virtualhost *:443> as well, but when I link to the cert file from letsencrypt, the server fails to start. I have tried a number of different configurations but I am just not able to get it working if anyone has a sample configuration with this setup that is functioning, it would be really helpful. Thank you.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
I resolved the issue. Let’s Encrypt creates a config file for the website that I did not know about. Whenever I attempted to modify the settings of the virtual host at port 443, it would conflict and break. I changed the *:80 to redirect to https site (rather that rewrite) and I removed everything from there except the servername and alias. Then, in the example.com-le-ssl.conf file created by letsencrypt, I added the proxypass. If anyone sees this and has a similar problem, hopefully this answer helps. The one thing about scripts is that I can’t always tell when things are created because I had checked that folder earlier to remove defaults and did not realize that something was added.
To update, when I go directly to the ip address for the site, the proxy is working, but not when I got to the named site.