I'm pretty new to Apache and Tomcat, and I'm finding myself working with it a lot of my job, so I'm having to learn as I go. One thing I struggle with a lot is mod_jk, and I'm pretty stumped by an issue I'm having right now.
I'm trying to use apache to forward all traffic coming in on port 443 to 8443, where an application is installed, but for some reason it isn't doing its thing. Here's what I have currently in my vhosts file:
<VirtualHost *:443>
DocumentRoot /opt/tomcat/tomcat6/webapps/StoreFront
ServerName testbuilder2.domain.com
ServerAdmin networksupport@domain.com
ErrorLog /etc/httpd/logs/builder.error_log
TransferLog /etc/httpd/logs/builder.transfer_log
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLHonorCipherOrder on
SSLCertificateFile /etc/httpd/conf/certs/*.domain.com.crt
SSLCertificateKeyFile /etc/httpd/conf/certs/wildcardprivate.key
SSLCertificateChainFile /etc/httpd/conf/certs/IntermediateCABundle.crt
JkMount /* testbuilder2
My workers.properties looks like this:
worker.list=testbuilder2,jk-status
########## Template Worker ###########
worker.template1.type=ajp13
worker.template1.socket_keepalive=true
worker.template1.ping_mode=A
worker.template1.ping_timeout=10000
worker.template1.connection_pool_minsize=0
worker.template1.connection_pool_timeout=600
worker.template1.reply_timeout=300000
worker.template1.recovery_options=3
######### Workers ###################
# testbuilder2
worker.testbuilder2.reference=worker.template1
worker.testbuilder2.port=8009
worker.testbuilder2.host=localhost
worker.testbuilder2.activation=A
mod_jk.conf:
LoadModule jk_module modules/mod_jk.so
JkWorkersFile conf/workers.properties
# Ensure the following directory exists if not changed.
JkShmFile /var/cache/httpd/mod_jk.shm
JkLogFile logs/mod_jk.log
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
This all looks correct to me, but then again, I'm pretty dumb. :p
Is there anything here obviously wrong? Whenever I go to https://testbuilder2.domain.com, it just takes me right to the apache welcome screen still. The weird thing is that I've tried setting this up on port 80, and it works correctly:
<VirtualHost *:80>
DocumentRoot /opt/tomcat/tomcat6/webapps/StoreFront
ServerName testbuilder2.domain.com
ServerAdmin networksupport@domain.com
ErrorLog /etc/httpd/logs/builder.error_log
TransferLog /etc/httpd/logs/builder.transfer_log
JkMount /* testbuilder2
Using that causes it to load our application just fine, from any URL. So I know that I have everything I need to make it work, I'm just doing something really wrong. Any ideas?
I'm on CentOS Linux release 7.1.1503 (Core), minimal install, Apache 2.4, Tomcat 6. Mod_jk version 1.2.40 I think.
