Results 1 to 3 of 3
  1. #1
    Join Date
    Jul 2009

    SSL tomcat/Apache or Tomcat/APR

    Ok I'm making good progress on getting my first vps up and running, now its time to tackle ssl.

    My question/concerns are:

    Should I use Tomcat (I'm running tomcat 6) & SSL, or should I use Apache as the front end with it handling the SSL encrypt/decrypt.

    As of right now I don't use Apache for anything i.e. its not even installed.

    I believe in order to get Tomcat working properly with SSL is not exactly do it right I will want native 'APR' (Apache Portal Runtime)..which I believe is in fact just Apache...but I'm not sure.

    Anyone out there have any advice? are there any pros/cons of using Tomcat/APR, vs Tomcat/Apache.

    note: the only static content my server serves is *.js/*.css/images.
    Everything else jsp/ajax requests.

    (I believe in theory it may be beneficial to move the *.js/*.css/images) into the Apache server, but I think with APR this may make no difference?

  2. #2
    Join Date
    Aug 2002
    Superior, CO, USA
    What makes you think that you need Apache on the front end to handle SSL? The Tomcat SSL how to makes it pretty easy to handle. Most SSL providers can generate a certificate that works just fine for Tomcat/Java.

    Take a look at the docs and see if you run into any issues.

    As far as separating static content from dynamic content - every benchmark I've seen shows that Tomcat is about as fast and in some instances faster than Apache. Of course the old saying goes that there are lies, damn lies, and statistics. Unless you're seeing a huge slowdown I wouldn't worry about it.
    Need Java help? Want to help people who do? Sit down with a cup of Java at the hotjoe forums.

  3. #3
    Join Date
    Jul 2009
    Yeah, I believe with APR installed your correct (however without APR the ssl will certainly be much slower in Tomcat..or so I'm led to believe...I haven't really been able to find any benchmarks you have any links?), tomcat vs apache performance for static content is essentially on par. My understanding however is that most people prefer to run Apache as root receiving ports 80/443, then forwarding them via ajp to tomcat...this also allows Apache to actually run on different hardware, which would should make it harder to hack into the backend. Regardless my operation is not that big (yet...dreams..) so I just went with tomcat/apr solution. (hopefully I will have ssl fully up and running today the install process for the ssl cert I believe is not the normal tomcat process..hence its more complicated then I initially fact I think when it comes to the cert follow the 'apache' cert installation process, but substitute the server.xml from tomcat for pointing it to the certs..etc.).

Similar Threads

  1. DA-Tomcat ~ Tomcat Manager Plugin for DirectAdmin
    By hehachris in forum Other Web Hosting Related Offers
    Replies: 3
    Last Post: 10-07-2010, 07:45 PM
  2. apache tomcat
    By rankris in forum Hosting Security and Technology
    Replies: 0
    Last Post: 04-26-2009, 07:13 AM
  3. apache + tomcat?
    By capt_nemo777 in forum Hosting Software and Control Panels
    Replies: 1
    Last Post: 03-05-2008, 01:19 PM
  4. Admin to configure Tomcat 4 to run with Tomcat 3
    By dpshost in forum Employment / Job Offers
    Replies: 0
    Last Post: 09-17-2002, 02:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts