[stunnel-users] stunnel and AJP
Richard.Hall at ingenta.com
Wed Sep 13 17:39:51 CEST 2006
On Wed, 6 Sep 2006, Jones Scott - sjones wrote:
> Any chance you could send me a sample configuration file? :)
Sorry for the delay, this got buried and has only just resurfaced.
For a local Apache (ie local to the machine running JBoss), a
non-stunnel'd config has something like
JkMount /folder/* workername
in httpd.conf, and
in mod_jk.properties (the JkWorkersFile file)
For a remote Apache, you don't need to change mod_jk.properties. But
instead of having JBoss listening on port 7003, you have an stunnel
client, with a config something like
accept = localhost:7003
connect = jboss-server:17003
And then on your local server, i.e. the one running JBoss, you have an
accept = 17003
connect = localhost:7003
(You might want to consider how best to stop the rest of the world
connecting to port 17003. I do it out at the firewall)
> Just got it install and going to start trying to get it setup.
> I am going to try to end the tunnel on a BigIP box. So just set it up
> on the apache server and hope it can end on the BigIP box.
Don't know a thing about BigIP boxes! Good luck.
More information about the stunnel-users